Provide a security test that is a logical test rather than a CAPTCHA

CAPTCHAs were designed to block spambots.

Example of a graphical CAPTCHA.

To confirm a CAPTCHA, the user has to decipher a visual or audio code and type it in the corresponding field.

In terms of accessibility, CAPTCHAs are problematic because they can be too complex for many users, particularly those who are blind, visually impaired or dyslexic.

Security tests should therefore be more accessible to users, and be replaced by logical tests, for instance.

Radio button to be modified (solution #1)

In this solution, a request is included in the form, such as: “Please select the “Yes” button”, placed next to two radio buttons: “Yes” and “No”.

Simple question (solution #2)

In this solution, a simple question is added to the form, such as:

  • What is the color of the sky when it’s sunny?
  • What is the plural of “fish”?
  • What is the color of the white house?

Mathematical question (solution #3)

In this solution, a basic mathematical question is added to the form, such as:

  • What is 8 minus 2? (in digit)
  • What number is between 45 and 47? (in digit)
Example of a security test presented as a basic mathematical question.

Tip

  • Recommended practice is to include a sentence before the logical test that specifies : “This question confirms that the form is not completed by a robot.”
  • A good accessibility practice that is particularly useful for people with cognitive impairments is to provide a solution to reload the text or mathematical question.
  • Another good accessibility practice is to offer the possibility to contact a person from the company, if the user is having problems completing the logical test. This could be done by providing a link, such as: “Please contact us if you have any problems answering this question” next to the test.

Note

The best solution is to completely do without a CAPTCHA or logical test, and to use one or more of the following solutions that are more “transparent” for the user:

  • A hidden field in the form that should remain blank (the “Honeypot” technique).
  • An email confirmation.
  • A preview/confirmation page before sending the form.
  • A test on the time spent filling in the form.
  • An anti-spam filter system on the server.

Warning

If it is not possible to use a logical test or one of the other solutions above, provide an alternative for CAPTCHAs that are only sound or only visual tests.

Comments

Add a comment

All fields are mandatory.

Updates

09 June 2022
Removal of the “Find More” section

Back to top