An eagle-eyed CodeProject reader posted a comment to my ASP.NET CAPTCHA Server Control article pointing out one French developer's very thorough attempts to defeat many common CAPTCHA techniques. He compares lots of visual CAPTCHAs side by side and comments on their strengths and weaknesses. Some of the "best" CAPTCHAs have this comment attached to them: not always human-solvable. Heh.
Of course CAPTCHAs hurt accessibility, that’s the point. That’s what happens in a low-trust environment. If I could trust the user, I could provide a friendlier interface. Perhaps in the future browsers or websites can force some sort of handshake or authentication that occurs behind the scenes. Then we don’t have to ask for “proof of humanhood, please” via CAPTCHA controls. In the meantime, color me CAPTCHA.
I guess that “accessibility” is a word with two (or more) meanings, but in : “His main point seems to be that CAPTCHAs hurt accessibility” i presume it refers to accessibility for seing-impaired people.
I don’t agree with the statement that the increase in prevalence of CAPTCHA is proof that it works. It seems that many site owners seem them as a bit of a toy and think ‘oo we should have one of those’, regardless of whether they will be effective or not.
Sadly a lot of CAPTCHAs aren’t effective (if you’re a webmaster, try saving one of your CAPTCHA images then running gocr on it), and those that are are much less readable - for me it’s got to the stage where I have to squint at the screen and usually take 2 or 3 goes to get past many CAPTCHAs. Its got to the stage where it really hinders users imho (rather than being a very minor inconvenience)