CAPTCHAs: The good, the bad, and the ugly

Conference contribution
(Conference Contribution)

Publication Details

Author(s): Baecher P, Fischlin M, Gordon L, Langenberg R, Lützow M, Schröder D
Publication year: 2010
Pages range: 353-365
ISBN: 9783885792642


A CAPTCHA is a program that generates challenges that are easy to solve for humans but difficult to solve for computers. The most common CAPTCHAs today are text-based ones where a short word is embedded in a cluttered image. In this paper, we survey the state-of-the-art of currently deployed CAPTCHAs, especially of some popular German sites. Surprisingly, despite their importance and the large-scale deployment, most of the CAPTCHAs like the ones of the "Umweltprämie", the Bundesfinanzagentur, and the Sparda-Bank are rather weak. Our results show that these CAPTCHAs are subject to automated attacks solving up to 80% of the puzzles. Furthermore, we suggest design criteria for "good" CAPTCHAs and for the system using them. In light of this we revisit the popular reCAPTCHA system and latest developments about its security. Finally, we discuss some alternative approaches for CAPTCHAs.

FAU Authors / FAU Editors

Schröder, Dominique Prof. Dr.
Lehrstuhl für Informatik 13 (Angewandte Kryptographie)

How to cite

Baecher, P., Fischlin, M., Gordon, L., Langenberg, R., Lützow, M., & Schröder, D. (2010). CAPTCHAs: The good, the bad, and the ugly. (pp. 353-365). Berlin.

Baecher, Paul, et al. "CAPTCHAs: The good, the bad, and the ugly." Proceedings of the Sicherheit 2010 - Sicherheit, Schutz und Zuverlassigkeit Beitrage der 5. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft fur Informatik e.V. (GI) - 5th Annual Conference of the Department of Security of the Society for Informatics, Berlin 2010. 353-365.


Last updated on 2018-10-08 at 13:39