Skip to main content

Ascertain human interaction


The system must guarantee that user actions are performed by a human (e.g., registration, authentication and password recovery). This can be achieved using CAPTCHA, incremental delays or mechanisms that prevent excessive crawling and indexing.


There exist several attacks that have been automated or depend on a robot for their execution. Many of them focus on exploiting vulnerabilities in authentication forms. In order to hinder the effectiveness of these attacks, the system must implement mechanisms that help ensure that the entity with which it is interacting is a human being.

Supported In

This requirement is verified in following services




free trial

Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.