ACCAN, along with a number of Australian disability organisations, recommend that all governments, businesses and organisations immediately remove all inaccessible CAPTCHAs from their websites and replace them with accessible alternatives.

CAPTCHAs are used on many websites as a way to protect against unwanted computer generated interaction. They are designed to ensure that only humans are able to access the content of a website. Text or sound is usually distorted with the rationale that humans can understand these images or recordings, but automated text readers or voice recognition systems cannot. Most commonly, CAPTCHA will be in the form of wavy letters in an image file or sounds embedded in a set of whispers in an audio file).

CAPTCHA tests are frustrating and difficult for all internet users, but for many people who have a disability, CAPTCHA tests are a barrier that prevent access to websites and online services.

Recommendations

We recommend that all governments, businesses and organisations immediately remove all inaccessible CAPTCHAs from their websites and replace them with accessible alternatives.
The following are examples of security alternatives which can be used to protect website content without barring access for people with disability:

  1. Email verification: requesting website visitor's reply to an email sent to their email address.

  2. Honey Pots: Honey Pot fields can be used on websites to identify bots and non-human interaction. Honey Pot fields are invisible to human web users and can be tagged to alert screen reader users to leave the field blank. Any interaction with the Honey Pot indicates malicious or machine interaction and access to the website can accordingly be blocked.

  3. Server-side detection: there are a number of server-side plugins which can protect websites against unwanted spam and comments without creating barriers for legitimate users.

  4. Retyping recipients email: this method requires the web user to retype the email address of the recipient or website contact form. For example, the website email address is listed on the site as info(at)exampledotcomdotau and the web user needs to retype the address into typical email address format, i.e. This email address is being protected from spambots. You need JavaScript enabled to view it.

Download: docxCAPTCHA policy position1.51 MB

Download: pdfCAPTCHA policy position270.44 KB