Can’t Trick the Human Brain: The Spooky Decline of CAPTCHA and New Ways to Treat It
Nathan Byrd
Principal Application Security Architect | Expert in securing the SDLC with SAST & SCA tools | Advocating for transparent, easy-to-implement security solutions | Open-source enthusiast & retro computing hobbyist
CAPTCHAs (Completely Automated Public Turing tests to tell Computers and Humans Apart) have been a staple of online security for years. They've successfully spooked bots away by presenting puzzles that humans could solve but machines struggled with. However, much like a haunted house that’s seen one too many visitors, CAPTCHAs are losing their scare factor. Advances in machine learning and AI have made it easier for bots to solve these puzzles, making it clear that CAPTCHAs as we know them are becoming less effective. So, what’s the next step in keeping the bots out and the humans in?
Let’s explore a new approach that could breathe fresh life into CAPTCHAs—by taking advantage of the human brain’s natural ability to solve real-world, analog problems, all while throwing in a little Halloween fun.
The Ghosts of CAPTCHAs Past
Once upon a time, text-based CAPTCHAs, like reading a jumbled word, were a great defense. Then came image-based CAPTCHAs—"click on all the traffic lights"—which added a layer of visual complexity. But here’s the trick: AI systems have caught up. Bots have been trained to recognize distorted text and analyze images. Today, solving even the more complicated puzzles, such as identifying subtle differences between images, is no longer a scary challenge for them. CAPTCHA bots are now able to defeat 100% of image-based CAPTCHA systems. From here, Google and others turned to analyzing user behavior to silently determine whether an interaction is coming from a user or a bot. However, even these can now be solved with AI, such as CaptchaAI.
What’s worse, as these puzzles become harder to beat for bots, they also become harder for humans, turning a quick security measure into a frustrating user experience. Nobody wants to spend five minutes deciphering blurry street signs just to log into their favorite website. The ghosts of CAPTCHAs past are haunting both humans and websites alike.
The Power of the Human Brain: Intuition in Spooky Situations
As bots get better at these traditional tasks, perhaps it’s time we leaned into what humans do best: solving real-world, physical problems without even thinking about it. Consider this: you don’t need to do complex math to figure out how to throw a ball in an arc to hit a target. You just… do it. You don’t sit there calculating angles or velocity when you balance two kids on a seesaw. The human brain naturally processes and solves these kinds of problems through instinct and experience. It’s intuitive, and machines still struggle with that kind of problem-solving.
This kind of “analog” thinking is exactly where bots falter. While traditional machine learning needs to be trained with a massive amount of data to recognize patterns, it still struggles when faced with real-world, dynamic situations that require intuition. Even generative AI, which can craft poems and create realistic images, is weak at basic math and lacks spatial reasoning skills. Try asking an AI to estimate the arc of a falling object—it’s more likely to fumble than get it right.
A Halloween CAPTCHA Experiment: The Falling Skull Challenge
Let’s add a bit of Halloween fun to the mix. I recently created an entry for a Halloween event put on by Laurie Kirk (LaurieWired on YouTube). For my entry, I created a CAPTCHA game where the user had to guess which Halloween bag a skull would land in based on its trajectory. While I don’t think it’s a serious CAPTCHA solution, it highlights the kind of task that bots might struggle with—predicting a natural, physical outcome.
For humans, predicting where the skull will land is almost second nature. We understand how objects fall, the pull of gravity, and how small changes in height or angle can affect the outcome. For AI, however, this presents a much harder challenge. It doesn’t “understand” physics in the way humans do. AI might try to calculate it, but generative AI is notoriously bad at estimating numbers and making these kinds of real-world predictions. To test this game out against a modern generative AI, I clipped 5 recordings to the middle point, saved them as animated GIFs, and uploaded them to ChatGPT 4o. Although it was able to determine that they were a parabolic arc, it was unable to make the correct guess on the first try in all 5 recordings. Asking it to check again revealed that it would happily keep guessing a different bag each time.
The challenge? Guess where the skull lands. The reward? Access to a secure system. While this Halloween experiment might be a lighthearted example, it illustrates the direction CAPTCHA could go—solving problems that require a human brain’s inherent knack for intuitive physics.
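The server side of a challenge like this, as an added sketch that is not taken from the halloween_captcha repository: the landing bag is computed from random launch parameters and bound into an HMAC-signed, single-use, expiring token, so the answer never reaches the client. The bag layout, parameter ranges, token format and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import math
import secrets
import time

G = 9.81                                # gravity, m/s^2
BAG_EDGES = [2.0, 4.0, 6.0, 8.0, 10.0]  # constructed layout: four bags, 2 m wide
MARGIN = 0.3                            # landings this close to an edge are redrawn
TTL = 60                                # seconds a challenge stays valid
KEY = secrets.token_bytes(32)           # signing key, never leaves the server
_used = set()                           # nonces already answered (prune in production)

def landing_x(speed, angle_deg, height):
    """Horizontal distance at which a skull launched from `height` reaches y = 0."""
    a = math.radians(angle_deg)
    vx, vy = speed * math.cos(a), speed * math.sin(a)
    return vx * (vy + math.sqrt(vy * vy + 2 * G * height)) / G

def bag_for(x):
    """Index of the bag x falls in, or None for a miss or a near-edge landing."""
    for i, (lo, hi) in enumerate(zip(BAG_EDGES, BAG_EDGES[1:])):
        if lo + MARGIN <= x <= hi - MARGIN:
            return i
    return None

def _mac(nonce, expires, bag):
    return hmac.new(KEY, f"{nonce}|{expires}|{bag}".encode(), hashlib.sha256).hexdigest()

def new_challenge(now=None):
    """Return (token, params); params drive the server-rendered clip only."""
    rng, bag = secrets.SystemRandom(), None
    while bag is None:  # redraw until the skull lands clearly inside a bag
        params = (rng.uniform(5, 12), rng.uniform(20, 70), rng.uniform(1, 4))
        bag = bag_for(landing_x(*params))
    nonce = secrets.token_hex(16)
    expires = int(time.time() if now is None else now) + TTL
    return f"{nonce}|{expires}|{_mac(nonce, expires, bag)}", params

def verify(token, guess, now=None):
    """Check one guess; the nonce is burned first, so a token cannot be retried."""
    try:
        nonce, expires, mac = token.split("|")
        expires = int(expires)
    except ValueError:
        return False
    if nonce in _used or (time.time() if now is None else now) > expires:
        return False
    _used.add(nonce)
    return hmac.compare_digest(mac.encode(), _mac(nonce, expires, guess).encode())
```

With four bags a blind guess still passes one time in four, so the single-use nonce only helps when new challenges are also rate limited per client.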
Future of CAPTCHAs: Treats, Not Tricks
As we look for ways to improve CAPTCHA, it’s clear that taking advantage of physical intuition could be a new bag of treats to trick the bots. Imagine future CAPTCHAs that ask humans to predict how objects will behave in a physical setting—like which way a ball will roll, how water will flow, or how objects will balance. These are areas where the human brain shines, and bots find it much harder to compete.
However, the challenge remains: creating these CAPTCHAs in a way that doesn’t frustrate human users but still blocks bots. The balance between security and usability is always key. Tasks need to be intuitive and quick for users but complex enough to keep bots out. And of course, a model could be trained on this game specifically, or other types of AI used to get a correct answer 100% of the time, but only after training. If designed right, this next wave of CAPTCHA could keep things fun while remaining secure. We would have to stay ahead of the training, however. Who knows, maybe we can leverage AI on the creation side as well to keep training on the specific CAPTCHA types impractical.
Conclusion
The days when bots cowered before distorted text and image grids are coming to an end. AI is evolving, and CAPTCHAs need to evolve, too. By leveraging human intuition—our ability to predict, feel, and sense the world in ways AI can’t—we can create a new kind of CAPTCHA that offers a challenge bots aren’t prepared for. Whether it’s predicting where a falling skull will land or balancing objects on a seesaw, the future lies in creating intuitive, real-world puzzles that bots can’t easily solve.
So, as we move past the old tricks, let’s give bots a new treat to chew on, and make sure it’s a challenge only the human brain can tackle.
FYI - if you are interested, the source for this CAPTCHA game is available at https://github.com/cognitivegears/halloween_captcha