What Is a CAPTCHA?
I’d consider myself good at acronyms, but I’ll admit I didn’t even see this one coming; CAPTCHA stands for “completely automated public Turing test to tell computers and humans apart.” Essentially, a CAPTCHA is an anti-spam tool which works by requiring commenters to prove they’re a human and not spam software.
CAPTCHAs are designed in various ways—some require you to solve a simple math problem (although I know plenty of humans that can’t solve simple math problems) while others ask you to type a series of letters and numbers from a given image.
According to Google, “A CAPTCHA is a program that can generate and grade tests that humans can pass but current computer programs cannot. For example, humans can read distorted text as the one shown below, but current computer programs can’t:”
What are the benefits of a captcha form?
Essentially, CAPTCHAs stop hackers from abusing online services because they block robot software from submitting fake or nefarious online requests.
Captcha tests can be used to…
- Protect the integrity of online polls by stopping hackers from using robots to send in repeated false responses.
- Stop brute force attacks on online accounts in which hackers repeatedly try to log in using hundreds of different passwords.
- Prevent hackers from signing up for multiple email accounts that they’ll then go on to use for their own purposes.
- Stop cyber criminals from spamming blogs or news content pages with dodgy comments and links to other websites.
- Make online shopping more secure.
- Prevent bots from spamming message boards, contact forms, or review sites.
How have organizations suffered as a result of not having a captcha form?
There are a few case studies of organizations and businesses that have suffered as a result of not having captcha forms on their websites. One of the earliest cases dates back to the late nineties, when social news website Slashdot published a poll asking visitors to vote for the best computer science graduate course in the USA.
Students from two universities – Carnegie Mellon and MIT – used automated programs to vote repeatedly for their respective schools, and the poll became skewed and useless.
More damagingly, in 2013 the big supermarket brand Target suffered a data breach that affected 70 million people.
Commenting on the breach, Rocket Digital reported: “When Target hired a security company to investigate, one of the leading theories was that the breach was caused by malicious email – specifically a phishing email that went after their customer base.
“They had a vendor portal that did not have a captcha or any kind of human verification in place, so a bot was able to get into the system and start transmitting data back to people who weren’t supposed to have it.