ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Usability of CAPTCHAs or usability issues in CAPTCHA design
Full text PdfPdf (787 KB)
Source
ACM International Conference Proceeding Series; Vol. 337 archive
Proceedings of the 4th symposium on Usable privacy and security table of contents
Pittsburgh, Pennsylvania
SESSION: Authentication II table of contents
Pages 44-52  
Year of Publication: 2008
ISBN:978-1-60558-276-4
Authors
Jeff Yan  Newcastle University, UK
Ahmad Salah El Ahmad  Newcastle University, UK
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 43,   Downloads (12 Months): 320,   Citation Count: 4
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1408664.1408671
What is a DOI?

ABSTRACT

CAPTCHA is now almost a standard security technology, and has found widespread application in commercial websites. Usability and robustness are two fundamental issues with CAPTCHA, and they often interconnect with each other. This paper discusses usability issues that should be considered and addressed in the design of CAPTCHAs. Some of these issues are intuitive, but some others have subtle implications for robustness (or security). A simple but novel framework for examining CAPTCHA usability is also proposed.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

1
Luis von Ahn , Manuel Blum , John Langford, Telling humans and computers apart automatically, Communications of the ACM, v.47 n.2, p.56-60, February 2004  [doi>10.1145/966389.966390]
 
2
Luis von Ahn, Personal Communications, Oct 2007.
 
3
HS Baird, MA Moll and SY Wang. "A highly legible captcha that resists segmentation attacks". Proc. of Second Int'l Workshop on Human Interactive Proofs (HIP'05), ed. by HS Baird and DP Lopresti, Springer-Verlag. LNCS 3517, Bethlehem, PA, USA, 2005.
4
Kumar Chellapilla , Kevin Larson , Patrice Simard , Mary Czerwinski, Designing human friendly human interaction proofs (HIPs), Proceedings of the SIGCHI conference on Human factors in computing systems, April 02-07, 2005, Portland, Oregon, USA  [doi>10.1145/1054972.1055070]
 
5
K Chellapilla, K Larson, P Simard and M Czerwinski, "Building Segmentation Based Human-friendly Human Interaction Proofs", 2nd Int'l Workshop on Human Interaction Proofs, Springer-Verlag, LNCS 3517, 2005.
 
6
M Chew and HS Baird. "BaffleText: a human interactive proof". Proc. of 10th IS&T/SPIE Document Recognition & Retrieval Conference, 2003.
 
7
AL Coates, H S Baird and RJ Fateman. "PessimalPrint: A Reverse Turing Test", Int'l. J. on Document Analysis & Recognition, Vol. 5, pp. 158--163, 2003.
 
8
Lindsay W. MacDonald, Tutorial: Using Color Effectively in Computer Graphics, IEEE Computer Graphics and Applications, v.19 n.4, p.20-35, July 1999  [doi>10.1109/38.773961]
 
9
T Converse, "CAPTCHA generation as a web service", Proc. of Second Int'l Workshop on Human Interactive Proofs (HIP'05), ed. by HS Baird and DP Lopresti, Springer-Verlag. LNCS 3517, Bethlehem, PA, USA, 2005. pp. 82--96
 
10
Dan Goodin, "Facebook takes the Captcha rap". The Register, Dec 13, 2007. Available at http://www.theregister.co.uk/2007/12/13/facebook_captcha _goes_wrong/
 
11
Paul Festa. "Spam-bot tests flunk the blind", CNET News.com, July 2, 2003. Available at http://www.news.com/2100-1032-1022814.html.
 
12
Greg Mori and Jitendra Malik. "Recognising Objects in Adversarial Clutter: Breaking a Visual CAPTCHA", IEEE Conference on Computer Vision and Pattern Recognition (CVPR'03), Vol 1, June 2003, pp. 134--141.
 
13
Jakob Nielsen. Usability 101: Introduction to Usability, 2003. Available at http://www.useit.com/alertbox/20030825.html.
 
14
W3C Working Group, "Inaccessibility of CAPTCHA - Alternatives to Visual Turing Tests on the Web", Nov, 2005. Available at http://www.w3.org/TR/turingtest/.
 
15
J Yan and A S El Ahmad. "Breaking Visual CAPTCHAs with Naïve Pattern Recognition Algorithms", in Proc. of the 23rd Annual Computer Security Applications Conference (ACSAC'07). FL, USA, Dec 2007. IEEE computer society. pp 279--291.
 
16
J Yan and A S El Ahmad. "A Low-cost Attack on a Microsoft CAPTCHA", School of Computing Science Technical Report, Newcastle University, England. Feb, 2008.
 
17
BotBlock. http://www.chimetv.com/tv/products/botblock.shtml. Accessed in Feb, 2008.
 
18
http://recaptcha.net/
 
19
http://www.cryptographp.com
 
20
FreeCap. http://www.puremango.co.uk/cm_php_captcha_script_113.php
 
21
Diablo 2 event, http://newd2event.net/index.php?id=hacks/redvex/HotPlug_Plugin
 
22
The "Shout it out" audio CAPTCHA, http://www.nswardh.com/shout/. Accessed in Feb, 2008.
23
Richard Chow , Philippe Golle , Markus Jakobsson , Lusha Wang , XiaoFeng Wang, Making CAPTCHAs clickable, Proceedings of the 9th workshop on Mobile computing systems and applications, February 25-26, 2008, Napa Valley, California  [doi>10.1145/1411759.1411783]
24
Ritendra Datta , Jia Li , James Z. Wang, IMAGINATION: a robust image-based CAPTCHA generation system, Proceedings of the 13th annual ACM international conference on Multimedia, November 06-11, 2005, Hilton, Singapore  [doi>10.1145/1101149.1101218]
25
Asirra: a CAPTCHA that exploits interest-aligned manual image categorization, Proceedings of the 14th ACM conference on Computer and communications security, October 28-31, 2007, Alexandria, Virginia, USA  [doi>10.1145/1315245.1315291]
 
26
M Hoque, D Russomanno, M Yeasin. "2D Captchas from 3D Models", IEEE SoutheastCon 2006 Memphis, TN, April 2006.
 
27
J Yan and A S El Ahmad. "Is cheap labour behind the scene? - Low-cost automated attacks on Yahoo CAPTCHAs", School of Computing Science Technical Report, Newcastle University, England. Apr, 2008.

CITED BY  4
Jeff Yan , Ahmad Salah El Ahmad, A low-cost attack on a Microsoft captcha, Proceedings of the 15th ACM conference on Computer and communications security, October 27-31, 2008, Alexandria, Virginia, USA
Kurt Alfred Kluever , Richard Zanibbi, Balancing usability and security in a video CAPTCHA, Proceedings of the 5th Symposium on Usable Privacy and Security, July 15-17, 2009, Mountain View, California
Rich Gossweiler , Maryam Kamvar , Shumeet Baluja, What's up CAPTCHA?: a CAPTCHA based on image orientation, Proceedings of the 18th international conference on World wide web, April 20-24, 2009, Madrid, Spain
Konstantin Beznosov , Philip Inglesant , Jorge Lobo , Rob Reeder , Mary Ellen Zurko, Usability meets access control: challenges and research opportunities, Proceedings of the 14th ACM symposium on Access control models and technologies, June 03-05, 2009, Stresa, Italy

INDEX TERMS

Primary Classification:
  D. Software
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection

Additional Classification:
  H. Information Systems
  H.1 MODELS AND PRINCIPLES
      H.1.2 User/Machine Systems


General Terms:
Design, Human Factors, Security


Keywords:
CAPTCHA, security, usability

Collaborative Colleagues:
Jeff Yan: colleagues
Ahmad Salah El Ahmad: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player