How to secure your contact form, CAPTCHA vs reCAPTCHA
Spammers are using every tool at their disposal to send unsolicited emails, in part thanks to advancements in AI and internet bots, these days spammers target contact forms more than ever. Almost every website uses the contact form to engage with customers and unfortunately, there are still many website owners out there that have
CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart), the main objective of CAPTCHA is to distinguish human from bot input. It requires the user to enter the letters of the disordered words. Advancement in machine learning and In particular deep learning resulted in development of advanced CAPTCHA solving algorithms with high success rate to crack conventional CAPTCHA puzzles. In 2009 Google acquired a CAPTCHA like system called reCAPTCHA, it is not only tries to establish the computer user is human but also assists in the digitization of books. As per Google’s introduction of the system “reCAPTCHA makes positive use of this human effort by channelling the time spent solving CAPTCHAs into digitizing text, annotating images, building machine learning datasets. This in turn helps preserve books, improve maps, and solve hard AI problems.)”, reCAPTA is a free services and uses advanced risk analysis techniques to protect your contact forms.
To add reCAPTCHA to your form, first you should login to Google reCAPTCHA admin console and register your site. Then you should add the code snippets to your webpage something like (As per Google’s instruction here)
<script src=”https://www.google.com/recaptcha/api.js?render=reCAPTCHA_site_key“></script>
<script>
grecaptcha.ready(function() {
grecaptcha.execute(‘reCAPTCHA_site_key‘, {action: ‘homepage‘}).then(function(token) {
…
});
});
</script>
If you are using WordPress you should be able to use WP-reCAPTCHA plugin, simply find the WP-reCAPTCHA under “Plugin“, “Add new” and install the plugin. Enter the “site key” and “secret key” provided by Google and you are set.
