What is captcha and how does it work

Everything you need to know about captcha. What is it in simple words, why is captcha checking needed on the Internet when registering on any site, when and why an error may occur – In this article, we will explain what captcha is and how captcha works.

Surely on various sites you have come across a request to enter text for verification or to find the desired image in the proposed options. This is a captcha – a way to cut off robots that can harm the site or steal user data. We will tell you in simple words what a captcha is, why it is needed, whether it is possible to somehow bypass it and how to correct errors that occur in a captcha.

What is Captcha?

CAPTCHA is a special test to check who exactly has visited the site and is performing various actions on it: a person or a machine. The method is based on the Turing test, developed back in 1956.

The word CAPTCHA is an acronym for Completely Automated Public Turing Test To Tell Computers And Humans Apart, which literally means “Completely Automated Public Turing Test to Tell Computers and Humans Apart.” But even in the Russian version, a variant of the English abbreviation is used.

The Turing test is a research method for AI that determines whether a machine is capable of thinking like a human. The original test used 3 remote terminals, of which only one was controlled by a machine, the other by a human respondent.

And behind the third is a researcher whose task is to ask the same questions to both the machine and the person. And if the machine copes with questions that require the answers “Yes” or “No,” then the AI ​​has problems with general questions that require a detailed answer.

Why is captcha needed on the Internet?

If in Turing’s time the test for identifying robots was more of a philosophical nature, now it has a very definite practical application.

There are a lot of threats on the modern Internet, which for the most part come not from specific people, but from automated bots. They can prevent users from working normally with the site or even steal personal data.

For example, it is very difficult for a person to choose a password for a website, but the bot does not know fatigue and sooner or later will determine the required combination. To stop such hacking attempts, a Turing test in the form of a captcha is used.

In fact, captcha can provide protection against various cyber threats:

  • Spam. Automated bots can send advertising and simply junk messages in large quantities. But if a captcha is installed on a resource that is being attacked by spam bots, the amount of spam will be significantly reduced.
  • DDoS attacks. The bottom line is that hackers send so many requests to the resource server that it cannot process them all and, as a result, the site crashes. It is clear that it is not people who are sending the requests, and captcha may well prevent such an attack.
  • Brute force. Brute force is the process of automatically selecting a login and password to access a specific resource. Automated bots sort through thousands of combinations in a matter of seconds and eventually find the right option. Captcha prevents bots from entering generated passwords.
  • Attacks on online stores. They are especially common during sales: bots add promotional items to the cart and, as a result, real users cannot find them. After the promotion, the criminals resell the goods from the basket at exorbitant prices. Captcha prevents such bots from working.

How does captcha works

The basis of any captcha is a simple algorithm that demonstrates a specific task to a site visitor, and then reads and analyzes the response received. Tasks can be very different and can be invented by both a person and a machine.

As a rule, a person comes up with various logical riddles, but text or graphic captchas are mostly generated by special robots. Modern captchas are quite advanced – they cannot be seen if the user performs standard actions.

But as soon as his activity becomes suspicious (for example, he puts a large number of likes in a short period of time), then a window with a captcha appears. You can also see it if you visit any site that requires you to enter personal data with VPN enabled.

What types of captchas are there?

Captchas can be of different types. It’s worth taking a closer look at the ones you see most often.

1. Text

Text captchas were the very first. The bottom line is that the user is asked to enter a test word (or two words). There are simple and complex text captchas.

A simple one consists of one word without any additions. Complex may include additional words, letters of different cases and various symbols. Text captchas are still used on some websites.

2. Logical

This category includes mathematical, graphical options, as well as captcha puzzles. Their essence is that the user must demonstrate logical thinking and solve a simple mathematical example, select an object in the image, or complete the picture using the appropriate puzzle. At the moment, such captchas are considered the most advanced, since it is very difficult for bots to bypass them.

3. Sound

Usually created additionally for text or logical variants. This soundtrack allows people with disabilities to pass the test without any problems. The sound can also be used to create an alternative captcha. For example, you need to listen to the recording and answer the question by choosing the options “Yes” or “No”. This kind of captcha is not used very often.

4. Biometric

This option is extremely rare, since passing such a captcha requires the user’s fingerprint or retinal scan. It is also possible to scan the user’s face. Biometric captcha is used mostly in companies (internal use), for which data confidentiality is extremely important.

5. Video captcha

Its essence is as follows: the user is shown a short video with a certain question, and then asked to answer it using text. This option is considered the safest, since bots cannot overcome such a captcha. However, it requires special configuration.


This is a modification of the classic captcha, which has a number of improved algorithms for protecting against robots. The project was launched by specialists from Carnegie University and then purchased by Google. Robot protection algorithms are still being updated to this day. Therefore, many website owners prefer to use reCAPTCHA.

Recaptcha algorithms are based on the analysis of various indicators: for example, the user’s reaction speed and mouse cursor behavior are analyzed. Based on this data, the system concludes who exactly is performing the action – a robot or a person. In the latest editions of recaptcha, artificial intelligence analyzes the indicators.

When the user gets a captcha

The captcha can be shown to the user when performing various actions on the site. Let’s look at the most common cases.

registration on the site

Captcha during registration allows you to minimize the possibility of robots creating fake accounts. After entering all the necessary data for registration, users see a window with a captcha – you need to prove that you are not a robot. This is a common practice on sites that require registration.

Activity on the site

If you like content too quickly, respond to messages immediately, and write a lot of comments or reviews, the system may think that a robot is doing all this. As a result, the user will see a window with a captcha. These are the algorithms used on VKontakte and many other social networks.

Purchasing goods in online stores

Many marketplaces use captchas when trying to add an item to a cart or when a user is placing an order. This is done to weed out bots speculating on promotional goods. Another goal is to protect confidential client data.

Permanent Demonstration

This is the most unpleasant scenario. No matter how strange it may sound, there are some sites that issue a captcha for almost any user action. This is very annoying and therefore the attendance of such resources is at a minimum level: few people like to tap on the keyboard, knocking out another unintelligible combination instead of viewing the content.

Pros and cons of using captcha on a website

Advantages Flaws
Easy installation on the site Inconvenient for users
Convenient control Reduced site loading speed
Fairly high efficiency Many vulnerable captcha options
Reducing spam

Why does an error occur when passing a captcha?

Sometimes, while working with captcha, errors may occur that prevent users from successfully completing the verification.

1. Errors when entering an answer

Most often, this is the main reason for failure during the test. It is enough to enter a letter in the wrong case and the check will fail. When you enter text for verification, you need to be careful – this way you can minimize the risk of an error.

2. Time limit exceeded

Usually a captcha gives a certain time to enter the answer (different limits are used for different options), and if the user decides to postpone entering the captcha and returns later, the system may not accept the answer and throw an error. You must enter the answer to the captcha immediately after it appears. Otherwise problems may arise.

3. Using automatic programs

Some people like to use automatic programs that allow you to bypass captchas. If the system detects such software on the user’s device, it may throw an error and not accept the entered answer. Of course, such software is constantly being modernized, but captcha protection does not stand still.

4. Blocked IP

This may be a result of a previous problem. If suspicious actions were performed from the user’s IP address (for example, requests were received from automated programs), the system may completely block a specific address and, as a result, you will have to use a VPN service to interact with the captcha.

5. Network connection problems

The most common cause of an error when passing a captcha is also a problematic network connection. If the connection is unstable, it may cause errors when trying to enter the answer to the captcha. To correct the error, you can try using a different connection.

6. Problems with the browser or OS

If your web browser is outdated, the captcha may not display correctly or some important elements may not work. The same situation may arise if an outdated version of the OS is installed on the user’s computer. In this case, nothing will help except updating the browser and system.

7. Problems with site configuration

In rare cases, problems with captcha may be caused by some site settings. The resource owner needs to check the configuration and fix errors. There may also be an incorrect installation of the captcha on the site or incorrect settings. In any case, the owner needs to check everything.

8. Low quality of the picture in the captcha

Due to insufficient quality of the picture, the user often cannot identify the characters displayed on the screen. As a result, the wrong characters are entered and an error occurs when checking the captcha. If the user has difficulty identifying the characters, you can click a special button to generate another picture.

Is there any way to bypass the captcha?

There is a completely legal way to bypass captcha – a dynamic IP address. The point is this: the user purchases a service from a provider and in the settings sets the frequency of changing the IP address every second. This option is guaranteed to eliminate captcha on any website. There are also programs for automatically recognizing captchas and bypassing them. But most of them are paid. In addition, the use of such software may lead to IP address blocking.

What is anti-captcha

Anti-captcha is a special service that offers captcha recognition and bypassing them automatically. The main difference from automated programs is that the program installed on the PC sends information about the captcha to the service and an employee there answers the captcha.

As a result, IP blocking and other troubles do not happen, since the system sees that a living person is answering the captcha. The most popular services for bypassing captchas are Rucaptcha and Antigate.

The first involves use with text captchas, which no longer have a sufficient level of security. Bots have learned to cope well with text variants quite quickly.

The second one is designed to bypass graphic and logical captchas. This is more serious, since such captchas are used everywhere.

What to do with endless captcha

Sometimes users enter the required data or select the correct pictures, but the captcha does not disappear. The problem may be due to various factors. First, check the stability of your network connection.

If you are using an old version of the browser, you need to update it – perhaps after this the problem will go away. The same applies to the operating system version. If this doesn’t help, try clearing your browser cookies.

You can also try repeating the procedure on another device. Sometimes changing your web browser helps. If nothing works, it is recommended to contact the technical support service of the resource where the problem is observed.

An endless captcha may also indicate that there is an error on the site’s side. Technical support must respond to a specific ticket as quickly as possible.

Is it possible to replace the captcha with something?

Some believe (and not without reason) that captcha is outdated and cannot provide adequate protection against robots. Indeed, bots are becoming smarter and learning to bypass all known types of captchas. But the latter are also being modernized. However, to ensure the best protection of the resource, you can use alternative options for protection against robots in tandem with captcha:

  • Firewalls. They are able to block malicious or suspicious traffic, thereby cutting off most of the bots.
  • Spam filters. They are special extensions that can recognize and block spam mailings.
  • Complicated account login. Complex account login (for example, two-factor authentication or phone verification codes) can block almost all robots.
  • Bot filters. These are special programs that are capable of tracking and blocking bots according to a list that was previously configured by competent specialists.
  • Protection services against intruders. These are paid services that can not only cut off various bots, but can also withstand full-fledged DDoS attacks.

Questions and answers

Website owners and ordinary users often have questions regarding the main features of captcha. Techklic.com will answer the most popular ones.

How to install captcha on a website?

To embed captcha on a website, there are special plugins designed for use with popular CMS (content management systems). Specific instructions for installing such a check on a site depend on the type of specific captcha. But the general steps will be:

  1. First you need to get an API key from Google. To do this, follow the link and register the site in the system. You will receive two keys, one of which is secret.
  2. In the WordPress CMS control panel, click the “Add New” button in the “Plugins” section.
  3. Using search, find “No Captcha ReCaptcha” in the list and click “Install”.
  4. Activate the installed plugin.
  5. Select “Settings” in the left menu and click on the “No Captcha ReCaptcha” item.
  6. In the appropriate lines, enter the regular and secret keys you received earlier.
  7. Set up scripts to display captcha.
  8. Set up the captcha design and click the button to save the settings.

How to protect captcha from robots and other methods of circumvention?

There are several ways to solve the problem: using more powerful algorithms (including reCAPTCHA) or using alternative protection against hackers and spam (the same firewalls or antispam filters).

Is it possible to get a job solving captcha for money? How much do they pay for this?

There is such a possibility. There are special services for making money by solving captchas. The most popular of them are the following resources:

  • Kolotibablo;
  • RuCaptcha;
  • 2Captcha;
  • Captcha from Advego;
  • MegaTypers.

However, you shouldn’t count on thousands of rubles in income. On average, earnings on such platforms can range from 1 to 2 USD per 1000 solved captchas.

Leave a Reply

Your email address will not be published. Required fields are marked *