The Problem With CAPTCHAs
“CAPTCHA” is an acronym for “Completely Automated Public Turing test to tell Computers and Humans Apart”and is a test for determining whether a given user is a human being or another automated system. The tests are based upon the concept that a computer will not be able to respond correctly to certain kinds of questions. If the correct solution is entered, the presumption is that the respondent is human. On this basis, CAPTCHAs may be considered when you want to prevent automated systems from gaining access to specific web services such as using an online contact form, registering for an online account or posting on a forum.
The most commonly occurring form of CAPTCHA is visual and uses graphics with distorted or obscured letters or numbers. In order to proceed with a registration or comment, the human must isolate the letter/numbers and type them into a text input. If the series of characters entered is correct, the user is assumed to be human. If the series is incorrect, the user may be mistakenly labelled as an automated system.
Because CAPTCHAs are designed to be machine-proof, these graphics do not have text equivalents or alt attributes. So far, so good. Machines - even those with sophisticated OCR scanning - will have a problem deciphering them. The problem is that screen readers are also machines, so screen reader users cannot read them. So visually impaired users individuals cannot proceed with the registration or purchase.
Unless you’ve used a screen reader or worked with screen reader users, these problems may be difficult to envisage. With that in mind, the American Foundation for the Blind have produced a video illustrating the problems with graphical CAPTCHAs.
The Guild of Accessible Web Designers (GAWDS) also has complied a recommended reading list for anyone who is considering implementing a CAPTCHA.
[...] anyone still has doubts about the problems that visual CAPTCHAs can create, I suggest that they check out a video produced by the American Federation for the Blind [...]
As a sighted user with good but not perfect eyesight, I find many captcha’s irritating becuase:
1) Some are very difficult to read, and it is sometimes easy to spot extra characters that don’t really exist.
2) It isn’t usually made clear whether the test is case sensitive or not. I generally assume that it is.
3) If you get it wrong, most sites will produce a completely new image to identify. Whilst this is obviously more secure, I would prefer a more pragmatic approach that gives me say three attempts to get it right before changing it.