Pete Freitag Pete Freitag

CAPTCHA Codes are not Accessible

Updated on December 06, 2023
By Pete Freitag
web

CAPTCHA tests are showing up like crazy these days to validate that users are humans, and not computers. They are used in blog comments, and are getting popular for online registration sites.

I think that most people implementing captcha's these days are overlooking the fact that they are not accessible, and they would fail Section 508 accessibility compliance for a web application.

Nearly 10% of the population is color blind, and even more can't see very well. Some CAPTCHA codes are hard for me to read and I am not color blind, and have 20/20 vision. Just take a look at the CAPTCHA code on slashdot to see what I mean.

By the way CAPTCHA is an acronym for "completely automated public turing test to tell computers and humans apart."



captcha accessibility section508

CAPTCHA Codes are not Accessible was first published on June 09, 2005.

If you like reading about captcha, accessibility, or section508 then you might also like:

Discuss / Follow me on Twitter ↯

Comments

The color blindness thing regularly gets me. I'd say I have to re-key at least 1 out of every 5 captcha's I try to enter.
by Rob Brooks-Bilson on 06/09/2005 at 1:20:16 PM UTC
You could use a question based captcha such as "Fill in the blank with the missing sequence a _ c d", or provide an answer to a common question "Who's buried in Grants Tomb?____" and so on, but over time AI systems will be able to decipher even these unless you have a very large set of questions.

From a section 508 perspective, One method is to provide a phone number to call for an activation code. The alt/title field would contain the challenge code which the user punches into the phone and the person or automated system provides the response to be entered into the text field. If you are using an 800 number, you have the added advantage of being able to guarantee caller id, since the person paying for the phone call (you being the 800 number owner) has a right to know who's calling you.
by Christopher Wigginton on 06/09/2005 at 2:02:28 PM UTC
I just found this site: http://captchas.net/ which offers an audio captcha service.
by Pete Freitag on 06/09/2005 at 3:43:55 PM UTC
The reason the why all these CAPTCHA images are obfuscated is to prevent OCR packages from reading them.

I wonder if you couldn't just get around this by having Flash dyamic querying the server and display a string to display.

This wouldn't address accessibility, but might allow you to display an easier to read string.
by Dan G. Switzer, II on 06/09/2005 at 6:03:44 PM UTC
Yea, I have come across a fair few CAPTCHAs and I really don't like them. Gmail has some legible ones, but when you view Microsoft's they are horrible.

I tend to stay away from them if I can.
by Pascal on 06/10/2005 at 3:53:24 AM UTC
what about verify by email? better than phone
by whackaxe on 06/10/2005 at 3:05:25 PM UTC
Verify by email can usually be done by a computer.
by Pete Freitag on 06/10/2005 at 3:10:37 PM UTC
How about using onFocus(), onChange(), or onBlur()? All of them are standard events which are also fired by screen readers, etc. When at least one field has had some text put in it, then either set a hidden field's value to a specific key or dynamically add a hidden field.
by Mike on 03/11/2008 at 8:57:21 AM UTC
I don't think adding audio makes it section 508 compliant, as there are also hearing disabilities. And from what I hear the audio CAPTCHA's are just as hard to decipher by someone with good hearing.
by Pete Freitag on 05/15/2008 at 9:01:46 AM UTC
Great Blog. I add this Blog to my bookmarks.
by tweakpcahbiq on 11/11/2010 at 11:46:24 AM UTC
I?ve been visiting your blog for a while now and I always find a gem in your new posts. Thanks for sharing.
by weightlostsht on 12/09/2010 at 3:49:11 PM UTC
I just sent this post to a bunch of my friends as I agree with most of what you?re saying here and the way you?ve presented it is awesome.
by weightlostwtl on 12/19/2010 at 10:18:04 PM UTC