A CAPTCHA is a small security test on websites that helps tell a human apart from an automated bot.

Simple definition

  • CAPTCHA stands for “Completely Automated Public Turing test to tell Computers and Humans Apart”.
  • Websites use it to block spam, fake sign‑ups, credential‑stuffing, and other automated attacks.
  • It’s a type of “challenge–response” test: the site challenges you, you respond, and if your answer looks human, you’re let through.

How a CAPTCHA works

  • The site decides a request looks risky (e.g., many logins from one IP, very fast form submissions) and shows a test.
  • You solve a small puzzle (typing text, clicking images, ticking a box, etc.).
  • If you pass, your request (login, comment, sign‑up, purchase) is accepted; if not, the site may block or ask again.

Common CAPTCHA types

  • Distorted text: Type the warped letters or numbers shown in an image into a box.
  • Image selection: Click all the squares with traffic lights, buses, crosswalks, cats, etc.
  • Checkbox (“I’m not a robot”): A simple box to tick; behind the scenes, the system analyzes your behavior and context.
  • Puzzles/questions: Solve a small math task or answer a simple logic or site‑themed question.
  • Audio CAPTCHA: Listen to spoken numbers/letters and type them, mainly for accessibility.

Why CAPTCHAs matter today

  • They help keep comment sections, sign‑up forms, and contact forms from being overrun by spam bots.
  • They slow down credential‑stuffing and automated attacks on login pages.
  • Newer AI and bots are getting better at solving traditional CAPTCHAs, so services like reCAPTCHA and hCaptcha now analyze user behavior, risk scores, and other signals, not just puzzles.

Quick forum-style take

“Those blurry letters or ‘click all the traffic lights’ screens are just websites checking: ‘Are you a real person or a script hammering this form?’”

Many users find CAPTCHAs annoying or hard to read, but for now they are still a widely used line of defense against automated abuse.

TL;DR: A CAPTCHA is an automated test on websites that asks you to solve a small puzzle so the system can confirm you’re human and filter out bots.