If you’ve ever signed up for anything on the Internet, you’ve probably taken a CAPTCHA test. You were presented with a picture of distorted letters and numbers, and then a little field below that picture where you typed in the letters, numbers or characters that you saw. Or, you may have been presented with a bunch of photos and were asked to click the ones with an automobile. Perhaps you were asked to click a box that said, “I am not a robot.” These are all CAPTCHAs. Many websites us CAPTCHAs today as part of their initial registration process. Some even require them for every login.
A CAPTCHA generates an automated response that challenges you by providing a problem that can only be solved by humans. It prevents access to systems and software by requiring a typed series of characters.
To many, it’s just that annoying little box that comes up at the bottom of a registration form. It might be annoying, but it’s preventing bots (or computer robots) from getting into a system and causing havoc.
The story of how the CAPTCHA came about is fascinating. In the year 2000, everyone was signing up for free Yahoo email addresses. This was before Gmail, and many thought Yahoo email was great! You could use it anywhere and access your emails from wherever you had an internet connection.
But there was one problem…
And a computer science graduate student at Carnegie Mellon University in Pittsburgh, PA discovered it. His name is Luis von Ahn.
Luis explains the issue with the Yahoo email addresses:
“The problem was that there were people who, to send spam from Yahoo accounts, would obtain millions of fake email accounts.”
The spammers who were signing up for the fake email accounts weren’t going to the Yahoo site and signing up one by one. Instead, they were writing simple computer programs with little dots that kept filling out the Yahoo email signup form, again and again, 24/7. This generated an army of fake email accounts where they could sell fake Viagra, or steal bank account information.
Yahoo didn’t know what to do about this. But, Luis had an idea.
“The idea was…Can we make a test that will distinguish between humans and computers? But also a test that is graded by the computer?”
This is when Luis and his team, including Nicholas J. Hopper, John Langford, and Manuel Blum,
came up with the CAPTCHA idea.
“We showed it to the chief scientist at Yahoo, and he loved it! And within a few weeks, it was being used by Yahoo.”
Luis gave his test a name. It was a long, ridiculous name that made a short acronym: “completely automated public Turing test to tell computers and humans apart” — CAPTCHA.
The Turing test was developed by Alan Turing in 1950 to test a machine’s ability to exhibit intelligent behavior equivalent to that of a human. It’s a test that you can use to tell if you’re communicating with a computer or a human being. If it can make you consistently think that you’re communicating with a human being, then it’s considered Artificial Intelligence (AI).
It worked for Yahoo, and the CAPTCHA became huge!
CAPTCHAs enhance security. Websites use the CAPTCHA to ensure only humans are accessing a site.
Online systems are regularly exposed to hacking. They prevent what’s called quality of service (QoS) degradation by bots or other automated programs. Putting a CAPTCHA element on a registration form as a test before you can enter a website is another layer of security.
CAPTCHAs also prevent sites from being affected by brute-force hacking attempts. This is a trial-and-error method that hackers use to guess passwords or personal identification numbers (PIN)s. Brute force attacks are generated by automated software. The CAPTCHA recognizes this and that the attempt to enter the site isn’t being made by a human, so it blocks access.
A CAPTCHA is easy for humans to figure out, but difficult for automated software to pass. CAPTCHAs are also simple for web developers to implement. They just need to decide if the annoyance for people who want to access their system is worth the added security. It is if you want to protect your customers’ confidential data and to keep your website secure.
Along with CAPTCHA elements there are 5 effective tactics to keep your website secure and protected from brute-force attacks.
CAPTCHAs and other forms of website security are a must to protect the integrity of your websites.
Did you like this article? If so, visit our Blog for others.