Think Your Site
Needs ?
Try These User-Friendly Alternatives
Have you ever filled out a form on
a website, and been faced with
something like what is shown in
the following video?
Int...
Introduction
Perhaps the most loathed of all Internet security measures,
a CAPTCHA attempts to weed out bots from legitima...
Introduction
CAPTCHAs are a nice idea in theory. They’re meant to
keep spam comments at bay and prevent bots from
harvesti...
Introduction
But CAPTCHAs present some serious user experience
problems. We tested the CAPTCHA experience with our
panel, ...
3 UX Problems
They interrupt the
user’s workflow
3 UX Problems
1
They put one extra, irritating step between users and
the tasks they want to accomplish. Plus, even the
better versions ca...
ReCAPTCHA is one of the more usable and respected
CAPTCHA generators out there. With ReCAPTCHA,
users decipher scanned ima...
The advantage to the user is that the text is made
of actual words, not random strings of numbers and
letters.
3 UX Proble...
3 UX Problems
They’re not accessible
2
3 UX Problems
This brings up the second major usability problem:
CAPTCHAs are excessively difficult for people with
visual...
3 UX Problems
They put the burden
on legitimate users
3
Beyond the usability and accessibility concerns, there’s
a disturbing flaw at the core of the whole thing.
3 UX Problems
The fundamental problem is that CAPTCHAs force
humans to complete undesirable tasks because of
issues that are beyond thei...
With CAPTCHA, website
visitors are presumed guilty
until proven innocent.
3 UX Problems
Alternatives to
CAPTCHA
Alternatives to
CAPTCHA
Easier and more enjoyable tests
Because completing CAPTCHAs is so unpalatable,
several more user-friendly alternatives have popped up.
Some of these, like...
While playing an easy game is more
enjoyable than entering a string of text,
the games are generally not accessible
to use...
What’s more, users are so accustomed to completing
normal CAPTCHAs, gamified alternatives can be seen
as annoying or juven...
I feel like it makes it look
unprofessional. Maybe if it were a
kids’ site, you might need animated
CAPTCHA, but if anythi...
Other alternatives are Text CAPTCHA and Egglue,
which ask simple questions humans can answer using
logic or intuition rath...
NuCaptcha uses behavior analysis to assess each
visitor’s risk level. Then it assigns easy or difficult
CAPTCHAs based on ...
The downside of these options is that they still
disrupt the user’s workflow. While they might be less
frustrating, they s...
Honeypots
Alternatives to
CAPTCHA
Honeypots are traps made to catch bots without ever
being noticed by human users.
The most common example is the hidden fo...
Honeypots aren’t perfect, though.
Visitors who use screen reader software will still
encounter the field, creating more co...
Verified sign-in
Alternatives to
CAPTCHA
Another option for confirming visitors
are human is to require them to sign
in with an account such as Facebook,
Twitter, ...
This solution is popular for blogs because it includes
the side benefit of removing the anonymity that
mean-spirited users...
The obvious problem here, though, is that not all users
have the required social account.
This can be mitigated by using a...
Janrain gives users multiple sign-in choices.
Alternatives:
Verified sign-in
There’s still one problem remaining with social media
solutions: many users aren’t comfortable using their
social account ...
Time stamps
Alternatives to
CAPTCHA
A big difference between humans and robots is the
speed at which we complete tasks. It takes us a few
moments to read each...
This might not be secure enough to stand alone,
though, as some of the sneakier bots are programmed
to take longer to fill...
Checkboxes
Alternatives to
CAPTCHA
One of the best solutions is to include a
client-side JavaScript checkbox that says
something like, “I am a human.”
By gen...
There are some concerns about bots that are clever
enough to read the Javascript or CSS and work around
the checkbox solut...
Here are some resources to check out
if you’re interested in the checkbox solution:
	• Growmap Anti Spambot Plugin for Wor...
What’s a website
owner to do?
What’s to do?
To determine which alternative is best for your site,
you should ask yourself why you need the additional
se...
What’s to do?
For blog owners looking to prevent spam comments,
a social sign-in solution might be right — if users are
op...
What’s to do?
For e-commerce sites that need to verify a visitor’s
validity at the point of purchase, any additional steps...
What’s to do?
The very best solution is one your users never notice.
Consider using honeypots, time stamps, or checkboxes
...
www.usertesting.com
Upcoming SlideShare
Loading in …5
×

User friendly alternatives to captcha to improve user experience on your website

4,530 views
4,342 views

Published on

Perhaps the most loathed of all Internet security measures, a CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) attempts to weed out bots from legitimate users by presenting a test that is easy for a human, but difficult or impossible for a computer.

CAPTCHAs are a nice idea in theory. They’re meant to keep spam comments at bay and prevent bots from harvesting email addresses. They’re also very commonplace; according to Luis von Ahn, one of the creators of CAPTCHA, about 200 million CAPTCHAs are completed every day. But they present some serious user experience problems. We tested the CAPTCHA experience with our panel, and here’s what we learned.

Published in: Design, Technology
2 Comments
29 Likes
Statistics
Notes
No Downloads
Views
Total views
4,530
On SlideShare
0
From Embeds
0
Number of Embeds
149
Actions
Shares
0
Downloads
64
Comments
2
Likes
29
Embeds 0
No embeds

No notes for slide

User friendly alternatives to captcha to improve user experience on your website

  1. 1. Think Your Site Needs ? Try These User-Friendly Alternatives
  2. 2. Have you ever filled out a form on a website, and been faced with something like what is shown in the following video? Introduction
  3. 3. Introduction Perhaps the most loathed of all Internet security measures, a CAPTCHA attempts to weed out bots from legitimate users by presenting a test that is easy for a human, but difficult or impossible for a computer. What does CAPTCHA stand for? Completely Automated Public Turing test to tell Computers and Humans Apart
  4. 4. Introduction CAPTCHAs are a nice idea in theory. They’re meant to keep spam comments at bay and prevent bots from harvesting email addresses. They’re also very commonplace; according to Luis von Ahn, one of the creators of CAPTCHA, about 200 million CAPTCHAs are completed every day.
  5. 5. Introduction But CAPTCHAs present some serious user experience problems. We tested the CAPTCHA experience with our panel, and here’s what we learned:
  6. 6. 3 UX Problems
  7. 7. They interrupt the user’s workflow 3 UX Problems 1
  8. 8. They put one extra, irritating step between users and the tasks they want to accomplish. Plus, even the better versions can be difficult to read. 3 UX Problems
  9. 9. ReCAPTCHA is one of the more usable and respected CAPTCHA generators out there. With ReCAPTCHA, users decipher scanned images of text from old books, allowing the books to become digitized. 3 UX Problems
  10. 10. The advantage to the user is that the text is made of actual words, not random strings of numbers and letters. 3 UX Problems Hard-to-read text can cause errors and slow you down even further.
  11. 11. 3 UX Problems They’re not accessible 2
  12. 12. 3 UX Problems This brings up the second major usability problem: CAPTCHAs are excessively difficult for people with visual disabilities. Some offer audio alternatives, but those are often even harder to decipher (and pretty scary-sounding!)
  13. 13. 3 UX Problems They put the burden on legitimate users 3
  14. 14. Beyond the usability and accessibility concerns, there’s a disturbing flaw at the core of the whole thing. 3 UX Problems
  15. 15. The fundamental problem is that CAPTCHAs force humans to complete undesirable tasks because of issues that are beyond their control — and not their fault. 3 UX Problems
  16. 16. With CAPTCHA, website visitors are presumed guilty until proven innocent. 3 UX Problems
  17. 17. Alternatives to CAPTCHA
  18. 18. Alternatives to CAPTCHA Easier and more enjoyable tests
  19. 19. Because completing CAPTCHAs is so unpalatable, several more user-friendly alternatives have popped up. Some of these, like PlayThru and Sweet Captcha, gamify the process of proving you’re a human. Alternatives: Easy/Fun tests PlayThru Sweet Captcha
  20. 20. While playing an easy game is more enjoyable than entering a string of text, the games are generally not accessible to users with visual impairments. If an option is available at all for visually-impaired users, it’s the scary, difficult audio CAPTCHA from before. Alternatives: Easy/Fun tests
  21. 21. What’s more, users are so accustomed to completing normal CAPTCHAs, gamified alternatives can be seen as annoying or juvenile. Alternatives: Easy/Fun tests
  22. 22. I feel like it makes it look unprofessional. Maybe if it were a kids’ site, you might need animated CAPTCHA, but if anything, it’s more of a pain in the butt. – Raquelmelody, United States Member of UserTesting panel Alternatives: Easy/Fun tests
  23. 23. Other alternatives are Text CAPTCHA and Egglue, which ask simple questions humans can answer using logic or intuition rather than pattern recognition alone. Egglue uses logic questions rather than images to verify humanity. Alternatives: Easy/Fun tests
  24. 24. NuCaptcha uses behavior analysis to assess each visitor’s risk level. Then it assigns easy or difficult CAPTCHAs based on how likely it is that the visitor is a bot. Visitors who behave like humans are given very easy tests to complete. NuCaptcha also offers many different themes to match your site Alternatives: Easy/Fun tests
  25. 25. The downside of these options is that they still disrupt the user’s workflow. While they might be less frustrating, they still create a barrier between the user and their goal. Alternatives: Easy/Fun tests
  26. 26. Honeypots Alternatives to CAPTCHA
  27. 27. Honeypots are traps made to catch bots without ever being noticed by human users. The most common example is the hidden form field. With this solution, an extra field is included in the web form and then hidden from human users with JavaScript or CSS. Bots, however, will still “see” the field and fill it out. If the field is filled out, the form is automatically rejected. Alternatives: Honeypots
  28. 28. Honeypots aren’t perfect, though. Visitors who use screen reader software will still encounter the field, creating more confusion and increasing the chances they’ll fail the test. To work around this problem, you could label the form field something like, “Leave this field blank,” but this is still likely to confuse users. Alternatives: Honeypots
  29. 29. Verified sign-in Alternatives to CAPTCHA
  30. 30. Another option for confirming visitors are human is to require them to sign in with an account such as Facebook, Twitter, or Disqus. (We use Disqus for comments on the UserTesting blog.) Alternatives: Verified sign-in
  31. 31. This solution is popular for blogs because it includes the side benefit of removing the anonymity that mean-spirited users rely on when they leave rude or offensive comments. Tying comments to a social account adds a level of responsibility that discourages trolls. Alternatives: Verified sign-in
  32. 32. The obvious problem here, though, is that not all users have the required social account. This can be mitigated by using a service like Janrain or Gigya that allows users to choose from a wide variety of accounts to log in with, rather than just one or two. Alternatives: Verified sign-in
  33. 33. Janrain gives users multiple sign-in choices. Alternatives: Verified sign-in
  34. 34. There’s still one problem remaining with social media solutions: many users aren’t comfortable using their social account information to log into an unfamiliar website. They might be concerned that this is an invasion of privacy, or that the website will post updates to their account without their permission. Alternatives: Verified sign-in
  35. 35. Time stamps Alternatives to CAPTCHA
  36. 36. A big difference between humans and robots is the speed at which we complete tasks. It takes us a few moments to read each field, decide what to input, and then type the text. Bots, on the other hand, can populate a form instantly. By using time stamps on your site, you can reject forms that are filled out too quickly. Alternatives: Time Stamps VS
  37. 37. This might not be secure enough to stand alone, though, as some of the sneakier bots are programmed to take longer to fill out forms to specifically avoid this trap. Plus, for returning visitors with cookies enabled, the form may auto-populate, causing the visitor to be wrongfully identified as a bot. Alternatives: Time Stamps
  38. 38. Checkboxes Alternatives to CAPTCHA
  39. 39. One of the best solutions is to include a client-side JavaScript checkbox that says something like, “I am a human.” By generating the checkbox client-side, only legitimate users will be able to see and check the box. Alternatives: Checkboxes
  40. 40. There are some concerns about bots that are clever enough to read the Javascript or CSS and work around the checkbox solution, so additional measures could be added for security. Alternatives: Checkboxes
  41. 41. Here are some resources to check out if you’re interested in the checkbox solution: • Growmap Anti Spambot Plugin for WordPress • CodeUmbra’s tutorial on the checkbox solution • UX Movement article in favor of the checkbox Alternatives: Checkboxes
  42. 42. What’s a website owner to do?
  43. 43. What’s to do? To determine which alternative is best for your site, you should ask yourself why you need the additional security measures.
  44. 44. What’s to do? For blog owners looking to prevent spam comments, a social sign-in solution might be right — if users are open to it. Run tests with your users to find out if they would actually use a verified sign-in, or if it would cause an uproar of privacy concerns.
  45. 45. What’s to do? For e-commerce sites that need to verify a visitor’s validity at the point of purchase, any additional steps between the user and the purchase can reduce conversions. If you can use an alternative that doesn’t interfere with the user’s workflow, you’ll stand a much better chance of making the sale and keeping the user happy.
  46. 46. What’s to do? The very best solution is one your users never notice. Consider using honeypots, time stamps, or checkboxes —or a combination of these.
  47. 47. www.usertesting.com

×