This document summarizes research on CAPTCHAs and graphical passwords. It discusses how CAPTCHAs are used to distinguish humans from bots but have usability issues. Graphical passwords were developed as an alternative but are vulnerable to attacks. The document reviews several techniques for CAPTCHAs and graphical passwords, including CaRP which uses images as passwords and is resistant to guessing attacks. It analyzes the security and usability of different schemes and automated attack methods against PassPoints passwords. In conclusion, image-based CAPTCHAs can reduce spam while advancing AI, and new forms may be more robust against attacks.