Technical Terms: CAPTCHA

When you sign up or log in to a web site, or fill out a form, you will often be asked to complete a task such as typing some random characters from an image or selecting images from a group. This is called a CAPTCHA. These are used to protect web sites from automatic systems that try to log into accounts or create new ones.
Video Transcript / Captions
Closed captioning for this video is available on YouTube: Technical Terms: CAPTCHA.

Now let's take a look at a technical term that you may not know the name for. You've definitely seen it. It's called CAPTCHA. Now here's what it looks like. This is the CAPTCHA on the Apple signup page when you signup for a new Apple ID. So now you probably recognize it. It's part of a webpage or a signup page or a login page where it usually asks you to type some characters that are on the screen. Usually these characters are kind of obscured or curvy or maybe they're imbedded in some sort of image. They're kind of difficult to read and you're asked to type them. The purpose of this is to make sure you are a person, a human, who can interpret these characters and type them as opposed to some sort of bot. Some sort of automatic process that's trying to say login or create Apple ID's.

Now CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart. Turing stands for Alan Turing, the famous mathematician and early computer scientist, who did so much for computers and cryptography and also came up with the idea of having a test to determine if something was human or a computer. So like if you were chatting with somebody online a Turing test would tell you if you were chatting with somebody that was a human or some sort of automatic process that was responding to you. This is kind of what this is. It's aTuring test to determine whether or not the person filling in the form is actually a human or some sort of automatic process.

Now there are many different CAPTCHA types. The most common one you're going to see is one that shows an image of kind of obscured text and you have to type it in. It's very hard for computers to be able to determine the characters in this kind of image so it's a good test of whether or not it's an actual person sitting at the computer. Sometimes these are actual words that look like they're scanned in. There's a popular system called reCAPTCHA that actually has you type in usually two words, one of which it knows and one in which it doesn't. These are from scans of old books. So as you're actually typing in the CAPTCHA you're contributing to an effort to digitize these books. Lots of books, thousands of them, have been digitized through the effort of that type of CAPTCHA.So it serves two purposes. Security and the secondary purpose of translating these scanned texts.

Sometimes you're asked to click on images. This is popular now. Goggle has a system where it shows you like nine images and it says click on all the ones that have cars in them, or something like that. Another way to determine whether or not it's a human. It's very hard for a computer to figure out what's in an image. Sometimes there are puzzles. They're little puzzles you need to figure out. Sometimes simple math. Adding something. That kind of thing. You don't see it too often any more but it was a common type of CAPTCHA awhile ago.

There's other ones. There are some that are automatic now. They're just a little checkbox check. What it's actually doing is it's looking at your cursor movements and the timing of you hitting that checkbox. A computer is going to be much more deliberate in doing that whereas a human is going to have kind of a human touch manipulating that interface. There's all sorts of other ways of doing it as well. The most common one though is typing those characters from an image.

The sole purpose, really, of CAPTCHA is to determine whether or not it's a person there. The reason for that is because it could be a security issue when you have say a login page or a create account page and if that can be filled in automatically by a computer then thousands of accounts could be created within seconds. Or thousands of attempts to break into accounts can be done within seconds without the CAPTCHA there to confirm that each attempt is actually by a person. So it really is this security purpose for doing it.

The history is kind of interesting. It's not as old as you think. It's only been around since like '97, 2000. In '97 according to wikipedia AltaVista, the search engine before Goggle, had a submission form for submitting a new website to their search engine and it had a CAPTCHA in it. Around 2000 iDrive also had a CAPTCHA. Probably the biggest entry into it that really got people seeing this all the time was PayPal around 2000 had a CAPTCHA for their login and a lot of people were using PayPal back then and this is kind of when people started seeing CAPTCHA's on a regular basis. Now they have become basically just ubiquitous everywhere the internet.

So that's what those things are called. They're called CAPTCHAs and they've been around for awhile and they serve a useful purpose even though they can actually be kind of annoying especially when you see them over and over again when you login to the same site. But right now they're kind of necessary in order to keep our sites and services somewhat secure.

Comments: 3 Responses to “Technical Terms: CAPTCHA”

    8 months ago

    I always get a CAPTCHA when I try to use Google while going through a VPN. This never happens when I use Bing. It seems clear to me that if Google cannot harvest any data from you, they will not let you use their search engine, and they use CAPTCHAs for this purpose.

    Pete S.
    8 months ago

    While this function is essential to distinguish (wo)man from machine I find the images of such poor quality it is impossible to selected the one(s) they requested. After 6 or 7 cycles of requests I just give up. If they can’t make the images clear enough for a person to make out what they want need to find another method.

    8 months ago

    Stop requiring passwords. No one can remember them anyway. And it is a pain to apply for a new one. I always give up when asked to go thru this time consuming idiocy

Comments Closed.