If your website uses ReCaptcha V1 you’ll need to upgrade it before March 31st 2018 to ensure your contact forms continue to function correctly.
What Is ReCaptcha and why do websites use it?
reCAPTCHA is a free service that protects your website from spam and abuse. It is usually implemented at the end of contact and enquiry forms to prevent automated bogus, bot (non human) enquiries you receive. You may have also seen it implemented within login forms, as this is predominantly where automated bots are aiming to gain access. The reCAPTCHA provides an additional layer of security to prevent unauthorised access.
Shown below is reCAPTCHA V1
Undoubtedly you’ve seen and used this before and I am sure that this is heavily frustrated you at some point, trying to read the letters, entering them correctly, only to be told that the text didn’t match?! Well there’s 2 types of frustration that this causes:
Frustration for your customers / users, visiting your website. If they struggled a few times to complete, they may just give up and leave your website. 🙁
Frustration for you the website owner. Without the reCAPTCHA your contact forms maybe receiving hundreds of SPAM emails, which means you may miss that vital enquiry that’s hiding within them all.
Which creates a bit of a predicament.
Keep your users happy by making it easy for you to be contacted, but be inundated with SPAM enquiries or
Have a reCAPTCHA and risk your customer not being able to contact you.
There’s Good News
Version 1 of the reCAPTCHA service shown above is now being retired.No more typing, guessing and being frustrated.Google (who owns and runs the CAPTCHA service) have rolled out a few iterations in the past few years, and most recently just launched the invisible CAPTCHA service.You may have seen the ‘i’m not a robot’ or the challenges screen which asked you to select all the road signs? They have now taken this one step further, so once implemented your users won’t need to select anything; it will automatically determine whether it believes the user is a human or a bot using cookies.If it believes you maybe a bot, then it will display the usual ‘Select a Road Sign’ style challenge.
Identifying The Different Versions
If your website is asking you to type in letters, then most likely enough your website has the retiring version 1.
If it displays the “I’m not a robot” text. Then you have version 2. This is also the version that will provide the ‘Road Sign’ style challenges like displayed below if it believes you maybe a spam bot.
You could also have the Invisible CAPTCHA, which if you view your website in Private browsing or Incognito mode, and hit your send button a few times, it should activate the ‘ROAD SIGN’ challenge.If it doesn’t, then your website might not have a CAPTCHA at all. Which if you’re not receiving spam emails; could be because your website is using other types of security, such as a web application firewall (WAF) or a separate plugin which has its own security features like Gravity Forms.
What will happen if I Don’t Update To Version 2?
If your website is running version 1 after March 31st 2018, any forms that it is associated with will no longer be protected, and may not allow users to complete enquiry, contact, signup, registration forms.
What Happens If I already have Version 2?
If your website is already displaying the “I’m not a robot” option, then your website forms will continue to function as per normal.
However knowing that the new Invisible CAPTCHA is being rolled out, it may only be a limited time until Google decide to retire version 2. Just food for thought, if you wanted to improve the user experience on your website, you could implement Invisible Captcha now.
Is this a big update and what are the costs likely to be?
Information and instructions can be found here on upgrading to either Version 2 or the new Invisible Captcha. If you choose to carry out this update yourself, follow the guides that Google provides, there is no cost for upgrading.
If you’re pressed for time or this is not your area of expertise, then Impact are charging a flat fee of £300+vat* for the replacement of reCAPTCHA and upgrade you to either version 2 or the new invisible CAPTCHA; whichever you prefer.
(Please note if implementing into more than one position throughout your website, a further quotation will be provided)
Don’t Have a CAPTCHA or Want to remove it completely?
If you have a WordPress website then there are a couple of alternatives.
Sucuri – Web Application Firewall (WAF)
Our Support Unlimited customers are screened through a web application firewall which as well as protecting your forms from bot attacks which will reduce bot form completions whilst also screening and protecting from brute force attacks, DDos attacks, hack attempts and security exploits.
For non Support customers, you can purchase Sucuri for your WordPress website from $19.98 per month.
You can learn more about Sucuri here or speak to us about our Support Unlimited plans where Sucuri and many other features are incorporated for a fixed monthly fee.
Gravity Forms is a premium plugin for WordPress that allows you to generate custom forms within your website, capturing and storing lead data and providing marketing teams the ability to drop in new subscription and signup forms within their content of the site themselves, without paying for maintenance updates to your web team.
The form plugin also has a feature called Anti-Spam Honeypot. This feature when enabled displays a hidden box which is designed to tricks bots, who will automatically place text within the box to forcibly complete the form. In most cases this box is hidden to users as its placed within the code area, which only bots would crawl. (If the box does display, it can be hidden using HTML).
This feature when applied stops bots from completing forms, and provides a very similar solution to the invisible CAPTCHA service.
Gravity Forms Implementation
We recommend and install the Gravity Forms plugin on every website we build. We utilise our developer license and via our Support Unlimited plans we incorporate the yearly renewal fees – meaning that our customers don’t have to manage or pay for renewals.