Home / Security / reCaptcha Not Fool Proof


reCaptcha is a technology to stop auto bots from creating email and forum accounts in an attempt to post and send spam. There are tools that use OCR, or optical character recognition techniques and other methods to break reCAPTCHA, a widely used security measure acquired by Google in September.

There are a couple of free tools that are capable of breaking captcha, though, I will not mention them here. These tools are not 100% accurate, but are automated in such a way that they work hands free to create email and forum accounts for spammers to use at a later time.

Google has denied that the current version of its reCAPTCHA captcha service contains vulnerabilities which make it easier for spammers to guess displayed words using automated scripts.

Jonathan Wilkins, the author of the analysis report, has taken a closer look at the new captchas. The main difference is the lack of the horizontal separator line used in the old captchas. Users now find the words easier to read – but so do machines. “The new version of the puzzle is weaker”, Wilkins told The H’s associates at heise Security. In his tests, Wilkins managed to increase the success rate of conventional text recognition nearly tenfold over the previous version (from 5 out of 200 to 23 out of 100).

The only way for webmasters to stop auto bots from registering new accounts is by moderating every new registration. This is time consuming, and in most cases, webmasters don’t have the time.

To learn more about reCaptcha visit http://recaptcha.net/.


About the author: Frank Jovine


The idea for Tech Jaws and most of the look of the site came from Frank’s mind – a place you wouldn’t want to vacation. Frank takes his run of the waters up North, and has been building successful web sites for years. He’s a regular within social communities like Facebook, Twitter, StumbleUpon, Reddit and Digg. His favorite appetite for tech savvy web sites include, TechCrunch, ZDNet, and helping members in Yahoo Answers in the Computer category.


Recent posts in Security



  1. This can make spamming more extensible , but i dont think this can be easily hacked , after all its of google , finally akismet will come to rescue ;)

  2. This look terrible but what can a webmaster do! It’s hard to monitor every registration. Hope the technology will improve and make it hard to read for bot and easy for human.

  3. Why would google even make something like this? Are they not against spammers? They recode there algorithm to deter spammers.