traditional CAPTCHA and its replacement Dr Scott Hollier A11y - - PowerPoint PPT Presentation

traditional captcha
SMART_READER_LITE
LIVE PREVIEW

traditional CAPTCHA and its replacement Dr Scott Hollier A11y - - PowerPoint PPT Presentation

Dec 20, 2022 169 likes •308 views

The death of traditional CAPTCHA and its replacement Dr Scott Hollier A11y Bytes Perth 2018 Technology for everyone What is CAPTCHA? Completely Automated Public Turing test to Tell Computers and Humans Apart (CAPTCHA) Purpose: to

slide-1
SLIDE 1

Dr Scott Hollier A11y Bytes Perth 2018

The death of traditional CAPTCHA and its replacement

Technology for everyone

slide-2
SLIDE 2
  • Completely Automated Public Turing

test to Tell Computers and Humans Apart (CAPTCHA)

  • Purpose: to stop bots from harvesting

data What is CAPTCHA?

slide-3
SLIDE 3
  • Task: to identify a distorted set of

characters from a bitmapped image, then enter those characters into a form. Traditional CAPTCHAs

slide-4
SLIDE 4
  • Impossible for people with low vision
  • Incompatible with screen readers

making it impossible for blind users

  • Assumes familiarity with the English

character set

  • Not intuitive making it difficult for

people with cognitive disabilities

  • Alternatives can be difficult too

CAPTCHAs and web accessibility

slide-5
SLIDE 5

Traditional CAPTCHA issues

slide-6
SLIDE 6
  • Do you type in ‘9’, ‘Nine’ or ‘nine’?

Audio CAPTCHA

slide-7
SLIDE 7
  • Research Questions Task Force

(RQTF) has researched CAPTCHAs and accessibility to update 12-year-

  • ld CAPTCHA advice document
  • I’ve authored most of the new

revision currently pending approval W3C WAI APA RQTF

slide-8
SLIDE 8
  • 20% of traditional CAPTCHAs can be

cracked easily

  • This figure is much higher using

pattern-matching algorithms

  • Not only are traditional CAPTCHA

solutions (visual, audio) inaccessible but also insecure Findings

slide-9
SLIDE 9
  • reCAPTCHA checkbox
  • Federated identity
  • Multiple devices with biometrics
  • E-mail verification

Best practice

slide-10
SLIDE 10
  • reCAPTCHA works by monitoring

human movement. Works well for security and accessibility but defaults to inaccessible CAPTCHA if not sure. reCAPTCHA checkbox

slide-11
SLIDE 11

reCAPTCHA in action

slide-12
SLIDE 12
  • Traditional CAPTCHAs are not just

inaccessible but also no longer secure

  • reCAPTCHA checkbox good but has

inaccessible fallback

  • Other mechanisms such as federated

identity, multiple devices and biometrics are best practice Conclusion

slide-13
SLIDE 13

Further information

  • E-mail:

scott@hollier.info

  • Website:

hollier.info

  • Mobile:

+61(0)430 351 909

  • Twitter:

@scotthollier

  • Newsletter: newsletter@hollier.info
  • Book:
  • utrunningthenight.com