by Ula Chwesiuk Dec 11, 2023

I’m not a robot. Can you prove it? Then, select all squares containing fire hydrants. And traffic lights. And bikes. Sound familiar? We’ve all been there. These are some of the many challenges you may be asked when you want to, for example, log in somewhere. These little tasks are all because of a tool called reCAPTCHA. We may feel it is inconvenient and pointless because it’s obvious we’re not robots, but we also may not realize how essential it is for our security. If you’re still not sure what the point of using reCAPTCHA is, this article is for you. We’ll tell you what reCAPTCHA is, including its different versions, and how to implement it on your website.

What is reCAPTCHA?

It all started with the invention of CAPTCHA, which stands for the Completely Automated Public Turing test to tell Computers and Humans Apart. In general, it is a challenge-response test for web hosts to determine whether the website visitor is human. It was created to protect your website from bot attacks and spam. It usually appears in login and signup forms, online polls, or checkout pages. Initially, it involved asking users to decipher a hard-to-read text. The first form of CAPTCHA consisted of distorted letters you had to identify because bots are not likely to identify them. As a user, you had to type the correct letters. If they didn’t match, you had to try again with a new set of letters.

ReCAPTCHA was created by Google and is the most popular CAPTCHA system. There are other tools such hCatpcha, Akismet, or BotDetect, which offer similar bot protection. For this article though we’ll focus on reCAPTCHA. So, let us now discuss its different versions.

Versions of reCAPTCHA

reCAPTCHA evolved over the last 16 years, and it’s worth mentioning each version was seen as an impressive innovation in abuse protection.


This version is no longer available as Google shut it down in 2018. It was a simple human-assisted object character recognition. The user was presented with a pair of words - one could be identified by a computer, but the other one could only be identified by a human.


It is the most popular version of reCAPTCHA and can appear in three types. The first one requires the user to click the “I’m not a robot” checkbox to confirm they’re human. The test analyzes the movement of the user’s cursor as it approaches the checkbox. If the system cannot determine whether the user is a person, it may present an additional challenge, like image recognition.

The second type of reCAPTCHA v2 is called Invisible, as it is designed to work in the background. You will only see the its symbol which indicates that the domain uses this verification method.

The third type is for Android mobile applications.


This version of reCAPTCHA was designed to verify users’ behavior without interacting with them. It’s a score-based verification in which the system takes a holistic look at the user’s behavior and their previous interactions with the website.

Why you should use reCAPTCHA

First and foremost, it protects your website from fraud and abuse. In other words, it stops bots and other automated attacks. With reCAPTCHA, only valid users are approved to proceed on your website, and your data is protected. Now that we’ve discussed why using it is so important, let’s move on to how to implement it on your website.

How to implement reCAPTCHA on your website

To turn reCAPTCHA on your website, you have to log into your Google account and register your website in reCAPTCHA. Then, you will choose which type you want to use - score-based (v3) or challenge (v2). Then, you will need to provide your domain. You can also create a label with which you will be able to easily identify the website in the future.

After the registration, you will receive unique API keys from Google. They will be necessary for the correct reCAPTCHA integration on your website.

Now, you have to implement reCAPTCHA into the website code. Depending on the type you chose, paste the proper JavaScript into your website. Add the script and place the HTML code where you want the reCAPTCHA to appear. Connecting to its server will allow you to verify the users who visit your website.

Wrapping up

No matter what version of reCAPTCHA you choose to implement on your website, it’s a crucial security measure for protecting your data. It is a powerful, reliable and seamless tool to protect your website from fraud and abuse.

If you like this article, share it with friends:

Ula Chwesiuk

Ula is a content creator at Elastic Email. She is passionate about marketing, creative writing and language learning. Outside of work, Ula likes to travel, try new recipes and go to concerts.

Related Articles

Ready to get started?

Tens of thousands of companies around the world already send their emails with Elastic Email. Join them and discover your own email superpowers.

Instant setup No credit card required