Last Updated on: February 18, 2023
CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a method of preventing spam commonly used in web forms.
The user is shown a distorted image of numbers, letters or words and is asked to type them out. This ensures that the form is not filled out automatically by a bot and reduces the spam sent through that form.
It is clear that this solution goes a long way to dealing with the spam problem, and the webmaster is happy, but at what cost to the user? At best, there is another field to fill out. At worst, if the image is hard to read or the user has some visual impairment, it is a barrier for the user to complete the form.
Most good CAPTCHA implementations will include a visual (image with text) and audible (audio playback of the text), meaning that even those struggling to read the image can complete the form. There are also usually options to “refresh” the image, creating a potentially easier-to-read image.
All of this helps but does not avoid the fact that the user has to do more work to complete the form. We are always looking to increase conversions and should be looking at reducing the actions a user has to do (such as avoiding duplicate email and password fields) to increase the chance they will fill out the form.
So what about alternatives? A great example of spam detection is Akismet, as popularised by WordPress. Algorithms and tests automatically detect spam on the Akismet server, and this reduces manual checking to pretty much zero. Most importantly, the user experience is untouched.
So using Akismet or a similar service is the ideal solution – the user does not see a change, and the spam problem is still solved. The service should err on the side of caution to prevent losing genuine information. Regular checks of the “spam” content should also be considered.
The second best solution, which can also be used in conjunction with an Akismet-type integration, would be to improve your admin systems. If your form is submitted directly to email, then it will be difficult to check and remove large amounts of spam. Having a tidy admin area that can view/edit/delete data altogether will reduce the time spent on checking for spam.
Many CAPTCHA implementations are unnecessary and are done as either habit or due to some idea that it is a professional thing to do – question whether you will actually receive spam and whether it is better to deal with it manually.
The final alternative would be to make the CAPTCHA less obtrusive, more fun or easier in some creative way. Microsoft have the initiative ASIRRA, which shows promise – the user is asked to identify pictures of dogs and cats. A simple click by the user is all that is needed, and in tests, many found the exercise fun.
Some websites also offer simple random questions (e.g. what is three plus five?), although these are potentially circumvented and lack the fun appeal to most users.
In conclusion, I stress that you should consider how spam protection is affecting your users. If you need to, try to ensure the spam protection does not intrude on the user’s experience – your conversion rates will reward you.
Get notified of new posts: