Skip to main content

Ascertain human interaction


The system must guarantee that user actions are performed by a human (e.g., registration, authentication and password recovery). This can be achieved using CAPTCHA, incremental delays or mechanisms that prevent excessive crawling and indexing.


There exist several attacks that have been automated or depend on a robot for their execution. Many of them focus on exploiting vulnerabilities in authentication forms. In order to hinder the effectiveness of these attacks, the system must implement mechanisms that help ensure that the entity with which it is interacting is a human being.