In an attempt to protect accounts and blogs from spammers, many businesses have elected to use CAPTCHAs rather than passwords. Now, some experts in the cyber security news industry question the effectiveness of CAPTCHAs.
What CAPTCHAs Are Supposed to Accomplish
While blogs and forums have proved to be an excellent way for businesses to create a strong connection with customers, which in turn becomes brand loyalty, businesses ran into a huge problem with malicious software that created fictitious accounts that in some cases allowed the software to corrupt the businesses website. The CAPTCHAs proved that it was a person, and not just an automated program, leaving a comment on a blog or forum maintained by the company. Many businesses also use CAPTCHAs whenever customers create and sign into accounts prior to finalizing purchases.
The Problem with CAPTCHAs
The first issue is that many users find CAPTCHAs irritating. The captchas software doesn’t always provide a clear image of the word the customer is supposed to enter which results in the customer having to try several times to access their account. Customers find this intensely irritating and each time they encounter a problem entering the CAPTCHA, they become more likely to take their business elsewhere. In a recent Distil Networks study, it was revealed that CAPTCHA programs can cost a business 12% of their customers.
The second problem cybersecurity experts worry about is that business put too much faith in the CAPTCHAs they are using and fail to take other precautions to their cybersecurity needs. This is especially alarming in the wake of a warning that was issued by Microsoft that warmed individuals who use the computer programmer’s live services that a certificate was available that allowed accounts that are protected only by CAPTCHAs, could be at risk for an attack. The malicious certificate had been designed to circumvent the CAPTCHA and access the account.
At the moment, cybersecurity experts are working closely with Microsoft to swiftly resolve the issue, but also warn that the existence of one such malicious certificate means that similar certificates could be created that make it possible for cybercriminals to access to attack other businesses and gaining access to information that would ruin the company’s reputation and bottom line.
Cybersecurity experts suggest that the best thing business owners can do to protect themselves and their customers are looking at alternate forms of cyber security that rely less on CAPTCHAs and more on individual passwords.