Golden Rule #2: Stop Using a Captcha

March 08, 2017 | By Stela Pham

Download PDF

CAPTCHAs create unfriendly user experiences for your web visitors, but, in most cases, common web designers will use them thinking it’s an unavoidable technique in the battle against bots and spam.

Our Golden Rule #2 will make a case to stop using CAPTCHAs and use a different technique (e.g. Honeypot) instead.

First, let’s start by defining what CAPTCHA stands for, and what its purpose is.

CAPTCHA stands for “Completely Automated Public Turing test to tell Computers and Humans Apart”. This is a technique that protects websites against spam robots by generating and grading tests that humans can pass, but spam robots cannot.

For example, humans can read distorted text as the one shown below, but spam robots cannot:


I know what you’re probably thinking right now, “Man, I hate those things. They are so annoying.”

Yes, they are. CAPTCHA codes not only damage the usability of your website, but also significantly decreases conversation rates (e.g. leads, sales, or other important metrics you need to make money).

Simply put, when you use CAPTCHAs, chances are you’re losing money.

OK – spam is bad and you don’t want it. So how can you defend your website against spam, but not give your users the miserable experience of a CAPTCHA?

Enter the Honeypot.

The concept of a Honeypot is pretty simple. Using basic HTML and CSS you can simply add fields to your contact and sign up form that are invisible to human users, but visible to spam robots. You see, spam robots are stupid. For example, they are not smart enough to do the CAPTCHA, and they can’t tell humans aren’t able to see the Honeypot field. If the robot blindly fills in all the fields – especially when it doesn’t require data and has data in it – then it’s a robot and not a human, meaning it can be discarded as spam.

Here’s a simple case study.

We took this simple “request a quote” form from one of our clients that used to look like this:


And with some simple re-formatting and replacing that annoying CAPTCHA with a Honeypot, it now looks like this:


The results...

We doubled the conversation rates - from 2% - 4% - of visitors to this page.

Sure, we cleaned up the fields a little bit, but that’s not the real reason the conversations took off so much – the real reason is that there was no annoying CAPTCHA. And we’re still spam-free because of the Honeypot running, invisible to humans, in the background.

Finally, a lot of people ask us, “Will a Honeypot ensure I won’t get any spam from my online forms?”

The answer is “of course not.” Spam still can come from humans and the Honeypot is actually easier than a CAPTCHA for those human spammers, but from a wide-scope way to avoid robot spamming, this technique will do the trick.


Based in Newport Beach in sunny Orange County, we have been serving Southern California and the Los Angeles area since our inception. Now serving clients nationwide. With four offices on three continents, we offer a global cadence to execute projects on time and on budget.

Orange County
World Headquarters
3420 Irvine Avenue
Newport Beach, CA 92660

(949) 359-4070 - sales
(949) 574-5500 - support
Salt Lake City
Development Office
634 South 400 West,
Suite 200
Salt Lake City, UT 84101

(801) 845-0402 - sales
NOC / Development Office
328 S. Jefferson St.
Suite 450
Chicago, IL 60661

(773) 257-7446 - sales
Pune, India
.NET Development Office
4th Floor, Tower S4
Magarpatta City, Hadapsar
Pune - 411028
Wroclaw, Poland
PHP Development Office
Aleja Karkonoska 45 (2 piętro)
53-015 Wroclaw