What is the difference between CAPTCHA, ReCAPTCHA, and NoCAPTCHA?

Last updated on May 27th, 2022 by Glenn Kouma. Filed under WordPress Security

Featured image *CAPTCHA differences*

If you’ve been thinking about adding CAPTCHA to your WordPress website (or have recently installed our amazing CAPTCHA 4WP plugin), you’ll undoubtedly have come across the many different versions and iterations of the word CAPTCHA. If you find all of these versions confusing, don’t worry; you’re not alone.

In this article, we will be looking at each of these terms in detail, explaining what each one is and what it isn’t. By the end of the article, you will be a formidable expert on all things CAPTCHA. Let’s get to it.

What is CAPTCHA?

As you might have guessed, CAPTCHA is the mother term from which all of the other terms (reCAPTCHA and NoCAPTCHA) are derived. In fact, in a way, CAPTCHA is the grandmother term.

If you’re wondering why it’s written in uppercase, that’s because it’s actually an acronym. CAPTCHA stands for – Completely Automated Public Turing test to tell Computers and Humans Apart.

The name tells us precisely what CAPTCHA means, but let’s take a second to break it down.

So we know it’s a test that is designed to tell people and computers apart. In fact, the test is designed in such a way that computers fail and humans pass. It is completely automated, so there isn’t a need for anybody to do any grading or check that nobody is cheating. The name also tells us that it’s a public test, so it can be taken by anyone.

The last piece of information that we can glean from the name is the type of test, which in this case is a Turing test.

CAPTCHA has a long and colorful history that is truly fascinating. We uncover its origin and development through the ages in our what is CAPTCHA article.

Websites use CAPTCHA tests to tell humans and computers (read bots) apart. The tests are designed to let humans in and stop bots. These CAPTCHA tests come in various flavors, including typing words, picking out images, and increasingly without doing anything at all. We will discuss this in more detail later on in the article.

Websites that use CAPTCHAs do so through a vendor. The vendor provides an API of sorts that the website connects to. The vendor then runs the actual test and passes the result back to the website. There are several vendors providing CAPTCHA services today, including Google.

What is reCAPTCHA?

reCAPTCHA is the name of a CAPTCHA service provided by Google. It has an amazing origins story that is totally worth sharing, so let’s do that for a minute.

reCAPTCHA was not always a Google service. In fact, it was started by Luis von Ahn and MacArthur Fellowship. The developers quickly realized that people were solving these puzzles but they could be doing much more than that. So, in the test, they began to use clippings from old editions of the New York Times. Google bought it in late 2009, who employed that very same technology to digitize old books for Google Books. This is where those skewed letters came from. As such, anyone who ever took one of those early CAPTCHA tests was helping administrators get rid of spam and contributing to the digitization of books at the same time.

reCAPTCHA versions

As mentioned earlier, Google had acquired reCAPTCHA back in 2009. A lot of time has passed since then, and as you would expect, there are now a number of reCAPTCHA versions. In fact, there are currently two versions administrators can choose from. Let’s see what they are.

reCAPTCHA v2

The oldest version available today is version 2. Google initially released this version way back in 2014 and comes in two different flavors. These are

  • V2 “I’m not a robot”
  • V2 Invisible

reCAPTCHA v3

The newest version of reCAPTCHA is version 3, which Google released in 2018. This version uses a score-based system in which a user is given a score between 0 and 1 in decimal format. The closer to 0 the score, the more likely a user is a bot. On the other hand, the closer to 1 the score is, the more likely a user is a human.

The great thing about this version is that it is up to the website administrator to decide the cut-off point. As such, it transfers risk management to the hands of website administrators, who can choose how lenient or strict they want to be.

What is noCAPTCHA

NoCAPTCHA is a type of reCAPTCHA that hides the CAPTCHA test from the user. Instead of traditional CAPTCHA tests in which users have to type out text or click on pictures of specific things, in a noCAPTCHA test, all the user has to do is check an I’m not a robot checkbox. You might recall from the previous section that this correlates to version 2 of reCAPTCHA. However, more is going on than meets the eye.

noCAPTCHA uses a complex algorithm that analyzes your behavior to determine if it’s human-like or not. This algorithm is essentially an ‘advanced risk analysis engine.’ Its goal is to streamline CAPTCHA tests so that it is seamless for users and more secure for website administrators.

In some cases, however, the noCAPTCHA algorithm cannot confidently predict whether someone is a human or a bot. In such cases, a traditional CAPTCHA test is presented to the user as a final test before proceeding.

CAPTCHA on WordPress websites

Adding CAPTCHA to your WordPress forms just got a whole lot easier, thanks to the CAPTCHA 4WP WordPress plugin. The plugin offers several customization options as well as all of the different reCAPTCHA versions.

You can set it up in minutes and enjoy a more secure WordPress experience for you and your users. Get a free 7-day trial of CAPTCHA 4WP.

Leave a Reply

Your email address will not be published.

Our other plugins