User friendly alternatives to captcha to improve user experience on your website

Download User friendly alternatives to captcha to improve user experience on your website

Post on 11-Aug-2014

1.945 views

Category:

Design

1 download

Embed Size (px)

DESCRIPTION

Perhaps the most loathed of all Internet security measures, a CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) attempts to weed out bots from legitimate users by presenting a test that is easy for a human, but difficult or impossible for a computer. CAPTCHAs are a nice idea in theory. Theyre meant to keep spam comments at bay and prevent bots from harvesting email addresses. Theyre also very commonplace; according to Luis von Ahn, one of the creators of CAPTCHA, about 200 million CAPTCHAs are completed every day. But they present some serious user experience problems. We tested the CAPTCHA experience with our panel, and heres what we learned.

TRANSCRIPT

  • Think Your Site Needs ? Try These User-Friendly Alternatives
  • Have you ever filled out a form on a website, and been faced with something like what is shown in the following video? Introduction
  • Introduction Perhaps the most loathed of all Internet security measures, a CAPTCHA attempts to weed out bots from legitimate users by presenting a test that is easy for a human, but difficult or impossible for a computer. What does CAPTCHA stand for? Completely Automated Public Turing test to tell Computers and Humans Apart
  • Introduction CAPTCHAs are a nice idea in theory. Theyre meant to keep spam comments at bay and prevent bots from harvesting email addresses. Theyre also very commonplace; according to Luis von Ahn, one of the creators of CAPTCHA, about 200 million CAPTCHAs are completed every day.
  • Introduction But CAPTCHAs present some serious user experience problems. We tested the CAPTCHA experience with our panel, and heres what we learned:
  • 3 UX Problems
  • They interrupt the users workflow 3 UX Problems 1
  • They put one extra, irritating step between users and the tasks they want to accomplish. Plus, even the better versions can be difficult to read. 3 UX Problems
  • ReCAPTCHA is one of the more usable and respected CAPTCHA generators out there. With ReCAPTCHA, users decipher scanned images of text from old books, allowing the books to become digitized. 3 UX Problems
  • The advantage to the user is that the text is made of actual words, not random strings of numbers and letters. 3 UX Problems Hard-to-read text can cause errors and slow you down even further.
  • 3 UX Problems Theyre not accessible 2
  • 3 UX Problems This brings up the second major usability problem: CAPTCHAs are excessively difficult for people with visual disabilities. Some offer audio alternatives, but those are often even harder to decipher (and pretty scary-sounding!)
  • 3 UX Problems They put the burden on legitimate users 3
  • Beyond the usability and accessibility concerns, theres a disturbing flaw at the core of the whole thing. 3 UX Problems
  • The fundamental problem is that CAPTCHAs force humans to complete undesirable tasks because of issues that are beyond their control and not their fault. 3 UX Problems
  • With CAPTCHA, website visitors are presumed guilty until proven innocent. 3 UX Problems
  • Alternatives to CAPTCHA
  • Alternatives to CAPTCHA Easier and more enjoyable tests
  • Because completing CAPTCHAs is so unpalatable, several more user-friendly alternatives have popped up. Some of these, like PlayThru and Sweet Captcha, gamify the process of proving youre a human. Alternatives: Easy/Fun tests PlayThru Sweet Captcha
  • While playing an easy game is more enjoyable than entering a string of text, the games are generally not accessible to users with visual impairments. If an option is available at all for visually-impaired users, its the scary, difficult audio CAPTCHA from before. Alternatives: Easy/Fun tests
  • Whats more, users are so accustomed to completing normal CAPTCHAs, gamified alternatives can be seen as annoying or juvenile. Alternatives: Easy/Fun tests
  • I feel like it makes it look unprofessional. Maybe if it were a kids site, you might need animated CAPTCHA, but if anything, its more of a pain in the butt. Raquelmelody, United States Member of UserTesting panel Alternatives: Easy/Fun tests
  • Other alternatives are Text CAPTCHA and Egglue, which ask simple questions humans can answer using logic or intuition rather than pattern recognition alone. Egglue uses logic questions rather than images to verify humanity. Alternatives: Easy/Fun tests
  • NuCaptcha uses behavior analysis to assess each visitors risk level. Then it assigns easy or difficult CAPTCHAs based on how likely it is that the visitor is a bot. Visitors who behave like humans are given very easy tests to complete. NuCaptcha also offers many different themes to match your site Alternatives: Easy/Fun tests
  • The downside of these options is that they still disrupt the users workflow. While they might be less frustrating, they still create a barrier between the user and their goal. Alternatives: Easy/Fun tests
  • Honeypots Alternatives to CAPTCHA
  • Honeypots are traps made to catch bots without ever being noticed by human users. The most common example is the hidden form field. With this solution, an extra field is included in the web form and then hidden from human users with JavaScript or CSS. Bots, however, will still see the field and fill it out. If the field is filled out, the form is automatically rejected. Alternatives: Honeypots
  • Honeypots arent perfect, though. Visitors who use screen reader software will still encounter the field, creating more confusion and increasing the chances theyll fail the test. To work around this problem, you could label the form field something like, Leave this field blank, but this is still likely to confuse users. Alternatives: Honeypots
  • Verified sign-in Alternatives to CAPTCHA
  • Another option for confirming visitors are human is to require them to sign in with an account such as Facebook, Twitter, or Disqus. (We use Disqus for comments on the UserTesting blog.) Alternatives: Verified sign-in
  • This solution is popular for blogs because it includes the side benefit of removing the anonymity that mean-spirited users rely on when they leave rude or offensive comments. Tying comments to a social account adds a level of responsibility that discourages trolls. Alternatives: Verified sign-in
  • The obvious problem here, though, is that not all users have the required social account. This can be mitigated by using a service like Janrain or Gigya that allows users to choose from a wide variety of accounts to log in with, rather than just one or two. Alternatives: Verified sign-in
  • Janrain gives users multiple sign-in choices. Alternatives: Verified sign-in
  • Theres still one problem remaining with social media solutions: many users arent comfortable using their social account information to log into an unfamiliar website. They might be concerned that this is an invasion of privacy, or that the website will post updates to their account without their permission. Alternatives: Verified sign-in
  • Time stamps Alternatives to CAPTCHA
  • A big difference between humans and robots is the speed at which we complete tasks. It takes us a few moments to read each field, decide what to input, and then type the text. Bots, on the other hand, can populate a form instantly. By using time stamps on your site, you can reject forms that are filled out too quickly. Alternatives: Time Stamps VS
  • This might not be secure enough to stand alone, though, as some of the sneakier bots are programmed to take longer to fill out forms to specifically avoid this trap. Plus, for returning visitors with cookies enabled, the form may auto-populate, causing the visitor to be wrongfully identified as a bot. Alternatives: Time Stamps
  • Checkboxes Alternatives to CAPTCHA
  • One of the best solutions is to include a client-side JavaScript checkbox that says something like, I am a human. By generating the checkbox client-side, only legitimate users will be able to see and check the box. Alternatives: Checkboxes
  • There are some concerns about bots that are clever enough to read the Javascript or CSS and work around the checkbox solution, so additional measures could be added for security. Alternatives: Checkboxes
  • Here are some resources to check out if youre interested in the checkbox solution: Growmap Anti Spambot Plugin for WordPress CodeUmbras tutorial on the checkbox solution UX Movement article in favor of the checkbox Alternatives: Checkboxes
  • Whats a website owner to do?
  • Whats to do? To determine which alternative is best for your site, you should ask yourself why you need the additional security measures.
  • Whats to do? For blog owners looking to prevent spam comments, a social sign-in solution might be right if users are open to it. Run tests with your users to find out if they would actually use a verified sign-in, or if it would cause an uproar of privacy concerns.
  • Whats to do? For e-commerce sites that need to verify a visitors validity at the point of purchase, any additional steps between the user and the purchase can reduce conversions. If you can use an alternative that doesnt interfere with the users workflow, youll stand a much better chance of making the sale and keeping the user happy.
  • Whats to do? The very best solution is one your users never notice. Consider using honeypots, time stamps, or checkboxes or a combination of these.
  • www.usertesting.com

Recommended

View more >