reCAPTCHA

What Is reCAPTCHA?

reCAPTCHA is Google's bot detection and abuse prevention service that protects websites from spam, credential stuffing, and automated abuse. Originally developed by Luis von Ahn at Carnegie Mellon University and acquired by Google in 2009, reCAPTCHA protects millions of websites worldwide.

Versions

reCAPTCHA v2 presents users with a checkbox ("I'm not a robot") and may issue visual challenges if the risk score is unclear. The invisible variant runs in the background and only presents challenges to suspicious traffic.

reCAPTCHA v3 works entirely in the background, returning a risk score between 0.0 and 1.0 for each interaction without ever interrupting the user. Site owners decide how to use the score: blocking, requiring additional verification, or allowing the action.

reCAPTCHA Enterprise provides enhanced protection for businesses with detailed risk analysis, account defender capabilities, password leak detection, and multi-factor authentication integration.

How It Works

reCAPTCHA analyzes browser behavior, mouse movements, typing patterns, and contextual signals to distinguish humans from bots. The machine learning models are trained on the billions of interactions Google processes daily, continuously improving detection accuracy.

Why Use reCAPTCHA

Website owners protecting forms, logins, and transactions from automated abuse choose reCAPTCHA for its proven detection capabilities and free availability for most use cases.