Developer

Why CAPTCHA Is Evil And Must Die

I have complained about CAPTCHA as a security measure many times around these parts, but that doesn’t stop some of the biggest players in the market continuing to use annoying and often unreadable CAPTCHA security (yes, I’m looking at you, Google, your CAPTCHA sucks to a level arguably only matched by Optus). A new Australian campaign against CAPTCHA highlights a crucial point: they suck badly and waste time for most people, but they register large swathes of the internet actually unusable for the vision-impaired.

CAPTCHA is familiar to many of us in the form of on-screen messages asking for a sequence of letters to be typed, and in theory means that systems can prevent registration by non-human automated systems. In reality, it usually means swearing repeatedly at the screen because the characters you can see are unreadable and you’re wasting time trying to sign into a service you already use. (Again, Google, thanks for nothing.)

The Australian Communications Consumer Action Network (ACCAN) is spearheading a campaign to push for organisations in Australia to abandon CAPTCHA in favour of more accessible alternatives. ACCAN has partnered with Blind Citizens Australia, Media Access Australia, Able Australia and the Australian Deafblind Council for the initiative, which includes an online petition opposing the use of CAPTCHA.

While online petitions are often pointless, there’s an important message here for developers: don’t use CAPTCHA. The W3C proposes several less discriminatory alternatives, including more effective back-end system checks and the use of logic puzzles. Audio versions aren’t necessarily a solution, since these often prove just as hard to comprehend as the visual versions.