Robustness and user test on text-based CAPTCHA: Letter segmenting is not too easy or too hard

Text-based CAPTCHA is widely used as an online security guard, requiring a user to input letters for classifying human and automated software (known as a bot). However, they are still a problem for usability and robustness. This study investigated the effect of letter spacing, disturbing line orientation and disturbing line color on user test and robustness of text-based CAPTCHA. The 240 CAPTCHAS were tested using Thai undergraduate students. The results show that there were no significant differences in user tests for the three factors. For robustness, disturbing line orientation had no significant difference. However, overlapping letter CAPTCHA was the most significantly robust. CAPTCHA with a disturbing line using the same color as the background was more significantly robust than that using the same color as the foreground. Moreover, if no-spacing letter is used, the effect of disturbing line color is statistically significant in robustness while the effect of that became insignificant when a spacing between letter and overlapping letter are used. We recommend that CAPTCHA with no spacing letter and combined with disturbing line using the same color as the background is suitable for users and its robustness. This can be concluded that letter segmenting technique is not too hard for users (passed 88 %) while it is not too easy for bot attacks (passed 39 %). In terms of security, more studies can still be carried on the CAPTCHA to enabled more robustness against new crime technologies. In terms of usability, on other age groups could be consider.