Jump to main navigation, main content

Archived entry | Matt Wilcox .net

Google Gmail CAPTCHA

I went to sign into my Gmail account today and after entering my username and password, got hit by a request for a CAPTCHA and a re-entering of my password. I was furious.

  1. CAPTCHAs are bad for accessibility, regardless of the ‘accessible’ CAPTCHA option that is also presented. Incidentally, the ‘accessible’ CAPTCHA only works if you have javascript turned on, and Flash installed, and happen to not be deaf or stuck on a computer without sound card or speakers - so blind people on a university computer are completely stuck)
  2. The CAPTCHA only appears after you have submitted your username and password. So you then have to enter the password again. Time waste!
  3. Why use a CAPTCHA anyway!? If a spambot has got my username and password and can log in automatically then I’m seriously worried. Where is the benefit of using one here?

Seems a very ill thought out and extremely annoying move to add to the log in system. I fail to see the point, and certainly feel the trade off is not worth any potential ’security’ benefit.


skip to comment form
  1. stokefan posted 4 days, 2hrs, 56mins after the entry and said:

    I never knew those were called CAPTCHAs! smiley icon: smile thanks Matt!

  2. Matt Wilcox posted 4 days, 7hrs, 35mins after the entry and said:

    We learn something every day James! smiley icon: smile

    After reading up on it a little more I can at least understand why Google have started using CAPTCHAs.
    The CAPTCHA only appears if you attempt to log-in with an incorrect password. By challenging you to a CAPTCHA Google are making brute-force account hacking impossible, because you can't leave a hack-bot constantly hitting the form. It will always fail on the CAPTCHA.

  3. Ajdin posted 3 years, 136 days, 4hrs after the entry and said:

    Recently I started looking at Google apps to se how one can set up a useful colaborative envirnoment for free. Security is one issue and I think Capcha is helpful but it should be optional. Have a look at my blog titled "Google Security" and pass your comments

  4. Art Murrison posted 4 years, 71 days, 5hrs after the entry and said:

    It is a waste of time and my sister and my wife, who are both deaf have gmail accounts and they are really fed up with it. Not only once but several times they have to enter the correct letters which sometime is unreadable. So my advice is, get rid of it, or give us choice to accept it or to reject it.

From the archives

Other enteries filed under:

My Two Cents

Web Development

Site information

Built with valid XHTML and CSS, designed with web standards and accessibility in mind. Best viewed in a modern browser [Firefox, Safari, Opera]

This domain and all content is a copy of my old website, for historical purposes only.