Security Blog

The latest news and insights from Google on security and safety on the Internet

reCAPTCHA just got easier (but only if you’re human)

October 25, 2013
Share on Twitter Share on Facebook
Google

33 comments :

Unknown said...

Need to improve. some bot still can read it. maybe better if we can have some variation in number position. color and other custom things. so bot can not detect all. maybe they can detect the default, but with custom setting it will make more difficult

October 25, 2013 at 8:32 PM
Jono said...

Interesting, but if the system has already determined that someone is human then why even present the easy captcha?

October 26, 2013 at 6:38 AM
mjpg said...

The above is a little confusing:

"serve ... legitimate users CAPTCHAs that [are] easy to solve. Bots ... will see CAPTCHAs that are ... difficult ...

you’ll encounter CAPTCHAs that are a breeze ... Bots ... won’t ... see them."

If you can determine in advance who is a bot and who a human, why do you need a CAPTCHA at all?

October 26, 2013 at 11:04 AM
Unknown said...

What's the point of a captcha? To determine if you're a human.

So... if you already know that I'm a human, why show the captcha in the first place?
Unless the recaptcha system is really in place to just decipher the streetview photos of house numbers

btw, to leave this comment, I didn't get a numerical captcha. Am I a machine?

October 26, 2013 at 5:13 PM
Greg Afinogenov said...

What about the text digitization function that made reCAPTCHA so valuable in the first place?

October 27, 2013 at 8:05 PM
timeofmind said...

If the software is capable of differentiating between bots and humans before presenting the captcha, then what is the point of the captcha?

October 28, 2013 at 5:14 PM
Dan F. said...

Do I need to make any changes on my web site that uses reCAPTCHA in order to take advantage of these improvements, or are the changes automatic?

October 29, 2013 at 12:26 PM
Tommy marsboer said...

How can I get in contact with the team behind SafeBrowsing?

I have a massive list of domains I think SafeBrowsing should include.

October 29, 2013 at 3:15 PM
Singularity Utopia said...

I am human but things have not become easier for me :-(

Where do I complain?

http://imgur.com/InqcLyx

October 30, 2013 at 5:41 PM
Lucas Bustamante said...

How do I enable numeric only recaptcha? It's still showing as letters to me.

November 2, 2013 at 6:35 PM
spur011 said...

This particular user, however, is happy to continue to help decipher scanned texts via reCAPTCHA, even if the computer thinks I'm human.

November 4, 2013 at 5:12 AM
Anonymous said...

And obviously, the non-generated numbers are house/mailbox numbers from the Streetview database that Google wants to make semantic.

[EDIT: Solving a ReCAPTCHA to comment on an article about ReCAPTCHAs seems a bit too much of a good thing. :P
1642 utofio. Wavy words are not quite done with, it seems.]

November 5, 2013 at 1:26 PM
Unknown said...

The megatypers Captcha works awesome and pays well so do register and use the invitation code which is mandatory to register.
Invitation CodeS : 7VF1
7VF2

November 13, 2013 at 11:22 AM
Parvez Khan said...

Hi
How can i make it only numeric
we have used it in one site but the alphabets captacha is most of the time unreadable for many users
can you tell the settings how to make it only numeric for making our life easy

Thanks and regards
Parvez

November 24, 2013 at 9:49 AM
Mohamed Ramadan said...

How can I configure the reCaptcha control to use this update? I found the current version is still showing very difficult words to read.

December 22, 2013 at 5:15 PM
Freedom Fighter said...

Actually, the captchas are only easier if you have any cookies from Google.
So its actually Google's way of punishing those that don't use their services.

Open up a private browser window and try a captcha, you'll know that they're significantly harder, not even difficult, they just automatically fail.

January 13, 2014 at 2:19 PM
Freedom Fighter said...

Actually, the captchas are only easier if you have any cookies from Google. Open up a private browser window, you'll notice that the captchas have black blobs in them and automatically fail.

If you're being tracked by Google's cookies, then the captchas are easier. If you're not being tracked, then its harder.

January 13, 2014 at 2:21 PM
Bruce A. Pokras said...

The example shown shows up on my home Mac using Safari. However, on my Windows PC using Internet Explorer at work I am now seeing words that are even more indecipherable than in the past (two words with a black ink blot over them). This is at the "Public PAIR" page of the USPTO.

January 15, 2014 at 3:35 PM
Website Design and Support said...

so how do we get the new AP?
Woooow you are not even using it for this form, will this might be the answer to my q.

January 28, 2014 at 7:58 PM
PhistucK said...

I personally think this is too bad. The point of reCAPTCHA, beside detecting bots, is to improve OCR. Improving OCR for numbers is not that helpful (if that is what it is even doing, but I assume it does not) as improving OCR for letters and other characters.
It was a very nice and helpful idea and this essentially ruins it. :(

March 30, 2014 at 4:03 PM
Unknown said...

OCR has become very advanced, to the point that it reads the distorted letters with better accuracy than some humans.

I'm pretty sure there's still a benefit (Google Street View) from getting the numbers right. As well as preventing bots abusing the system.

So, no, it is not ruined.

April 16, 2014 at 7:45 PM
How to get rid of blogger onboarding said...

I am confused - the text implies that form of captcha (numbers vs. twisted letters) depends on whether or not the system believes I am a human. But if the system already knows if I am a human, BEFORE I am presented a captcha, what is the point of showing it.
Do I understand the term CAPTCHA ("Completely Automated Public Turing test to tell Computers and Humans Apart") in a wrong way?

April 18, 2014 at 1:19 PM
Andi said...

To me it looks like the (second) numbers are house numbers. So perhaps it will help improve Google Maps?

May 23, 2014 at 4:25 AM
mosaic design education said...

How to use this new captcha? Like the one being asked in this comment box ?

May 24, 2014 at 1:02 PM
Unknown said...

Hi,

my website always serves the very hard recaptchas. But I'm human!

Why am I always detected as a bot?

Best regards,
--Martin

May 30, 2014 at 3:16 AM
Unknown said...

I run a website for older people, and need to more closely hug the line in allowing bots through versus the clients. Through testing, it seems that if the system ever triggered to think the client is a bot then they would essentially become locked out of the system as the words would be too difficult for them.

June 8, 2014 at 8:01 AM
Mir said...

reCAPTCHA is not showing good please check this page http://www.topseoforum.com/ucp.php?mode=register

July 1, 2014 at 7:06 AM
CodeSwimmer said...
This comment has been removed by the author.
July 10, 2014 at 1:51 PM
CodeSwimmer said...
This comment has been removed by the author.
July 10, 2014 at 1:52 PM
Unknown said...

If I'm understanding this correctly, in an attempt to block spam and bots, the captcha will also get increasingly difficult over multiple attempts while being testing by web designers tweaking their code eventually bringing testing to a halt!

July 15, 2014 at 2:01 PM
Nicholas said...

Alan, Check out http://techcrunch.com/2012/03/29/google-now-using-recaptcha-to-decode-street-view-addresses/


At first reCaptcha was used to help digitize the 30% of words current OCR tech couldn't solve.

Now that google owns recaptcha they are using it to help decipher google street maps house numbers, street signs and business names.

I don't think it's ruined.

July 16, 2014 at 6:31 PM
Daniel Saner said...

Once reCAPTCHA (wrongly) determines you're a bot, you start being served challenges with two almost impossible to decipher random letter sequences (both of them "control words").

http://i.imgur.com/01F2eES.png

Maybe you think you can read this, but believe me, you can't. I tried "ryntrInt llyHFrv" on this particular one, and it was wrong. And they're all this bad. It takes me an average 10-15 tries to get one of them right, which of course means that I'll never get out of the "hole" of reCAPTCHA thinking that I'm a bot, because I fail so often.

I appreciated getting the easier, Street View captchas while I could still get them. But this adaptivity approach fails badly when going into the other direction (making challenges harder than classical reCAPTCHAs, rather than easier).

From my very limited dataset of just my own encounters, reCAPTCHAs human/bot pre-distinction is atrociously bad. And from my own horrible experiences with it, assuming that many of my own legitimate users will have to deal with the same, I've had no choice but to ditch reCAPTCHA entirely. I cannot afford to subject my users to this torture and scare them away forever. It's gone too far. Especially since I hear that there are bots out there with automatic captcha solvers that have a much better hit rate than myself at this point.

August 2, 2014 at 10:20 PM
Mike said...

Any way to fix the issue whereby the big reCAPTCHA default logo is displayed, which makes users click on it because it includes a huge circle with arrows that makes people think that is the place to click on to reload a new set?

That logo has always been a big problem in terms of usability because it makes people click on it, rather than on the nearby very similar (but much smaller) reload symbol. I am surprised the issue is still there, as illustrated on top of this post.

August 3, 2014 at 11:52 PM

Post a Comment

  

Labels


  • #sharethemicincyber
  • #supplychain #security #opensource
  • android
  • android security
  • android tr
  • app security
  • big data
  • biometrics
  • blackhat
  • C++
  • chrome
  • chrome enterprise
  • chrome security
  • connected devices
  • CTF
  • diversity
  • encryption
  • federated learning
  • fuzzing
  • Gboard
  • google play
  • google play protect
  • hacking
  • interoperability
  • iot security
  • kubernetes
  • linux kernel
  • memory safety
  • Open Source
  • pha family highlights
  • pixel
  • privacy
  • private compute core
  • Rowhammer
  • rust
  • Security
  • security rewards program
  • sigstore
  • spyware
  • supply chain
  • targeted spyware
  • tensor
  • Titan M2
  • VDP
  • vulnerabilities
  • workshop


Archive


  •     2025
    • May
    • Apr
    • Mar
    • Feb
    • Jan
  •     2024
    • Dec
    • Nov
    • Oct
    • Sep
    • Aug
    • Jul
    • Jun
    • May
    • Apr
    • Mar
    • Feb
    • Jan
  •     2023
    • Dec
    • Nov
    • Oct
    • Sep
    • Aug
    • Jul
    • Jun
    • May
    • Apr
    • Mar
    • Feb
    • Jan
  •     2022
    • Dec
    • Nov
    • Oct
    • Sep
    • Aug
    • Jul
    • Jun
    • May
    • Apr
    • Mar
    • Feb
    • Jan
  •     2021
    • Dec
    • Nov
    • Oct
    • Sep
    • Aug
    • Jul
    • Jun
    • May
    • Apr
    • Mar
    • Feb
    • Jan
  •     2020
    • Dec
    • Nov
    • Oct
    • Sep
    • Aug
    • Jul
    • Jun
    • May
    • Apr
    • Mar
    • Feb
    • Jan
  •     2019
    • Dec
    • Nov
    • Oct
    • Sep
    • Aug
    • Jul
    • Jun
    • May
    • Apr
    • Mar
    • Feb
    • Jan
  •     2018
    • Dec
    • Nov
    • Oct
    • Sep
    • Aug
    • Jul
    • Jun
    • May
    • Apr
    • Mar
    • Feb
    • Jan
  •     2017
    • Dec
    • Nov
    • Oct
    • Sep
    • Jul
    • Jun
    • May
    • Apr
    • Mar
    • Feb
    • Jan
  •     2016
    • Dec
    • Nov
    • Oct
    • Sep
    • Aug
    • Jul
    • Jun
    • May
    • Apr
    • Mar
    • Feb
    • Jan
  •     2015
    • Dec
    • Nov
    • Oct
    • Sep
    • Aug
    • Jul
    • Jun
    • May
    • Apr
    • Mar
    • Feb
    • Jan
  •     2014
    • Dec
    • Nov
    • Oct
    • Sep
    • Aug
    • Jul
    • Jun
    • Apr
    • Mar
    • Feb
    • Jan
  •     2013
    • Dec
    • Nov
    • Oct
    • Aug
    • Jun
    • May
    • Apr
    • Mar
    • Feb
    • Jan
  •     2012
    • Dec
    • Sep
    • Aug
    • Jun
    • May
    • Apr
    • Mar
    • Feb
    • Jan
  •     2011
    • Dec
    • Nov
    • Oct
    • Sep
    • Aug
    • Jul
    • Jun
    • May
    • Apr
    • Mar
    • Feb
  •     2010
    • Nov
    • Oct
    • Sep
    • Aug
    • Jul
    • May
    • Apr
    • Mar
  •     2009
    • Nov
    • Oct
    • Aug
    • Jul
    • Jun
    • Mar
  •     2008
    • Dec
    • Nov
    • Oct
    • Aug
    • Jul
    • May
    • Feb
  •     2007
    • Nov
    • Oct
    • Sep
    • Jul
    • Jun
    • May

Feed

Follow
Give us feedback in our Product Forums.
  • Google
  • Privacy
  • Terms