CAPTCHA has become common part in almost any web form now-a-days. It has become increasingly difficult to decipher the code even for extra-ordinary humans !
There are several discussions on the usability issues of CAPTCHA (here are some more). A bad CAPTCHA can bring down the number of form submissions considerably. You may lose leads, business, or contacts just because of an inappropriate CAPTCHA.
Let’s see when to use CAPTCHA (importantly, when not to use) and if at all required, how to make it easier for your visitors.
Why CAPTCHA at all?
CAPTCHA is for preventing bots from automatically submitting your form. These web bots are programs that leech through the web pages. When it finds a form, it fills the form with a spam message and submits.
Why would someone send a web-bot to submit your form? What is their gain?
- If the form submission appears immediately on a web page, the spammer can get back links to his website
- If you are providing a free service (free email, free blogs) the spammer can create several thousand accounts
- The spammer expects you to read his spam message
The examples include blog comment forms and guest books. It is important that no form submission appears immediately on a web page. It will be an open invitation to spammers. Put a monitoring system in place.
Rest of the forms fall in the third category. This category is the least attractive to the spammer since only you see the spam message! The chances of spam submissions to this category is the least. So why bother about CAPTCHA itself?
Does your form really need a CAPTCHA?
There is no reason to attach a CAPTCHA with every form that you get online.
- Design the form without CAPTCHA. Get it online!
- You start getting form submissions. Take a note of the number of form submissions. (the conversion rate)
- If you start getting spam submissions, attach a CAPTCHA.
- Observe the drop in the number of genuine form submissions. Decide whether to keep the CAPTCHA
If you have decided to keep the CAPTCHA, try the tips below to keep it easier for your visitors.
Making a better CAPTCHA
A good CAPTCHA will keep the form submission rate high while keeping the bots away.
1. Avoid similar symbols in the CAPTCHA
There are several characters that look similar. CAPTCHA, by nature is distorted. The similarity can cause confusion.
Examples:
1(one) l(lowercase L) and I (uppercase i)
0(zero) and O and o (lowercase O)
4 and A
8 and B
6 and b
2. Password field for Captcha?
I don’t understand why some web forms have *Password field* for filling in the captcha code!
Password field, supposedly, is to prevent someone seeing the entered text ‘over your shoulder’; right?
3. Fill the form again? Oh No!
Though this is very basic, I have seen this happening at least in a couple of forms.
You fill the form, and manage to fill the CAPTCHA and submit. Bang! The form appears again and says the CAPTCHA code is wrong. That’s fine; but the entire form is cleared too!
Use Ajax to validate CAPTCHA; never make the visitor fill the form again.
4. Make it bigger
Bigger text is easier to decipher. The size of the characters doesn’t matter for the bots anyway. So make it larger.
5. No Fancy fonts please!
It is easier to decipher the code if the font is a familiar one. Use a common, non-fancy font in the CAPTCHA
6. Link to refresh the CAPTCHA.
Always give an option to refresh the CAPTCHA. In case one code is difficult, your visitors can try another one.
7. Keep it short
A 6 character CAPTCHA code is reasonable while anything more than 10 is too much!
Use CAPTCHA only when necessary. Even if you decided to have CAPTCHA, make it easier for your visitors.
Tags: captcha, form design
Before putting CAPTCHA on your next web form…
CAPTCHA has become common part in almost any web form now-a-days. It has become increasingly difficult to decipher the code even for extra-ordinary humans.
This article discusses when to use CAPTCHA (importantly, when not to use) and if at all required…
Captchas are for the most part, absolutely terrible. They definitely shut out genuine users, particularly those without perfect eyesight. If you’re going to use a captcha at all, I have some suggestions from an article I wrote.
Bad examples: Which number in the picture is red?” “Which animal in the picture above has four legs?” How is someone who can’t read print and has to rely on a screenreader supposed to know that?
Good examples: “How many legs does a cat have?” “What’s 2+2?” Math questions can be asked in a number of different ways to hault a bot and still be accessible to a user. “What’s 6 divided by 2?” What’s 5 added to 3?” Even “What color is an orange?” is still a good example, because everyone except the bots, sighted or not, knows the answer.
All auto-refreshing captchas are dirty and should never be employed, even in text format, because some users need time to read and then select or type in the correct answer.
Captcha’s are terrible things I normally use a hidden element in the form that is empty, and when it’s submitte check if it’s still empty.
Spam bots and what not usually fill out all items in the form, including the hidden element that needed to stay empty. So if the hidden element is filled in, it’s propably a bot. For so far, the theory works
Wow!! Web-beest, thats a brilliant solution!
[...] Before putting CAPTCHA on your next web form [...]
Well, i guess we know the truth now )