April 7th, 2009
VidoopCAPTCHA: Avoiding a more craptastic CAPTCHA by changing the game
Ever tried to do something on a site that uses CAPTCHA? You know, the Completely Automated Public Turing Test To Tell Computers and Humans Apart?
Oh. Well, how about the technology designed to prevent bots from submitting forms that requires us to enter a “human readable” element before submitting?
Um. Okay. The squiggly letters? You know the squiggly letters? The ones you can never read? The ones that force you through three or four attempts at submitting a form? The ones that make you wonder if you are, in fact, a bot?
There you go. That’s CAPTCHA.
The concept and CAPTCHA started simply enough, according to Wikipedia:
Moni Naor was the first person to theorize a list of ways to verify that a request comes from a human and not a bot. Primitive CAPTCHAs seem to have been developed in 1997 by Andrei Broder, Martin Abadi, Krishna Bharat, and Mark Lillibridge to prevent bots from adding URLs to their search engine. In order to make the images resistant to OCR (Optical Character Recognition), the team simulated situations that scanner manuals claimed resulted in bad OCR. In 2000, Luis von Ahn and Manuel Blum coined the term ‘CAPTCHA’, improved and publicized the notion, which included any program that can distinguish humans from computers. They invented multiple examples of CAPTCHAs, including the first CAPTCHAs to be widely used, which were those adopted by Yahoo!.
But as optical character recognition has improved and bots have become smarter, it’s been going downhill—faster and faster—ever since.
They latest iteration of CAPTCHAs and reCAPTCHAs have taken a variety of forms: more and more obscured text, increasingly wiggly text with multiple “words,” unintelligible audio, increasingly complicated math problems… but none of them seems to get to the crux of the issue: allowing an average human to do what they came to do.
I mean, this is the CAPTCHA from arguably the most powerful company in the world, that little search company down in Mountain View.
Right. I can’t read it either.
There has to be a better way.
Enter Portland-based Vidoop and their image grid technology.
To date, Vidoop’s recognizable image grid technology has been used to obfuscate passwords for an OpenID login, enabling users to use OpenID without having to remember other credentials.
But what dawned on the folks at Vidoop is that the image grid also made a pretty darn simple CAPTCHA device. What’s more, it was actually intelligible to a human.
Introducing VidoopCAPTCHA, a CAPTCHA that stops the craptastic slide of increasingly horrible CAPTCHAs by taking the concept in an entirely new direction.
The image grid password concept allowed users to select a few favorite things that they were to remember instead of a password—like rainbows, unicorns, and teddy bears. Then when they logged into a site using their myVidoop name, they simply selected the letters from those images as their password.
VidoopCAPTCHA takes the same tact, telling users to look for specific images and then asking them to type in the letters from those images. Simple, easy to use, and just as effective protection as the image grid for passwords.
And like the previous implementations of image grid technology, VidoopCAPTCHA has the potential to allow users of the service to insert their own images into the grid. Which, in most cases, results in an advertisement.
According to ReadWriteWeb’s coverage of VidoopCAPTCHA:
There’s a business model here, too. Vidoop says that if this system catches on, site owners will be able to sell spots in their image boxes to advertisers. The concentration required in order to identify these images would be a huge gift to advertisers placed there. There’s something a little troubling about that prospect, but the company says that in a survey so large they believe it’s nationally representative and most other people don’t mind.
Verdict: VidoopCAPTCHA is humane CAPTCHA
As a user, I found the image grid approach much easier to use than the prevailing text-based concepts. Were I a current CAPTCHA user, I’d implement VidoopCAPTCHA, today.
But is VidoopCAPTCHA enough to motivate folks to implement a CAPTCHA solution? I don’t know about that. But I do know that if you’re interested in deploying CAPTCHA, the imagery is far more legible and usable than the current squiggly text—at least to my eye. (And I’d say that even if Vidoop weren’t a Portland company.)
And I also know that if you’re a current CAPTCHA user, it would be well worth your time to take a look at VidoopCAPTCHA. Your users will thank you for it. Or at the very least, be able to communicate with you without screaming expletives at the screen.
For more information or to test drive the product, visit VidoopCAPTCHA.