This article is meant to encourage readers to keep a high standard of what is acceptable for a CAPTCHA in second decade of the 21st century. It is neither meant to be a hacking tutorial nor is it meant to incite any type of malicious behavior. This article is for educational purposes only.

In a good-faith effort to protect the identity of the CAPTCHA provider being targeted throughout this article, some CSS class names and other code changes have been made.

Recently I came across a CAPTCHA on a WordPress site that utilized nothing but simple math (sometimes using the written out word for a number) to prevent automated submissions. I’m here to tell you this isn’t enough. Computers are inherently good at math and parsing written numbers into integers is no longer considered a difficult feat. …


Brice Hartmann

Software Engineer in Chicago, IL -

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store