Most websites — including those using WordPress — deal with spam on a daily basis. Even if you just created your first site a few weeks ago, chances are you’re already facing the reality of spam comments, queries, account sign-ups, and more.
CAPTCHAs can effectively mitigate unwanted spam, especially if it’s coming from your contact forms. But while one can help alleviate problems with spam, you’ll likely encounter the unintended consequence of a more difficult experience for your real visitors.
That’s why many sites have chosen to use Akismet — a more streamlined anti-spam solution for WordPress — instead.
So, which option is right for your site?
In this article, we’ll start by talking about the downsides and alternatives to using CAPTCHAs, so you get the full picture. Then, we’ll show you how to protect your WordPress contact forms both with and without CAPTCHAs.
What is a CAPTCHA?
CAPTCHA stands for “Completely Automated Public Turing Test to Tell Computers and Humans Apart.” Phew!
The earliest versions presented users with distorted text they’d have to decipher. Because it was difficult to complete, it could fairly accurately tell humans and computers apart.
What are the downsides of using a CAPTCHA?
To put it simply, people hate CAPTCHAs. That’s not a matter of opinion, either. A Stanford study shows that only 71 percent of users attempt to solve CAPTCHAs when they run into them. The rest of them outright leave the page.
Another study from Moz confirms those numbers. It shows that, on average, 30 percent of users leave pages with CAPTCHAs, either while trying to solve them or before trying. The same study states that simply adding a CAPTCHA can lower your site’s conversion rates by 3.2 percent.
If you’re relatively tech-savvy, you probably don’t struggle at all with solving CAPTCHAs. But, a lot of the users that decide to leave a page when they see one do so because CAPTCHAs are designed to be difficult to solve.
According to Stanford, solving a video CAPTCHA can take up to ten seconds on average and audio CAPTCHAs have a staggering failure rate of 50 percent. Even regular image CAPTCHAs can be difficult to solve since they intentionally obfuscate letters and symbols. Some pages even ask you to resolve multiple CAPTCHAs before letting you proceed.
To be fair, CAPTCHAs work. They provide a functional solution to a problem that most websites struggle to deal with.
The problem is, using a CAPTCHA shifts the responsibility to users. It’s like asking store customers to prove they’re not thieves before they can make a purchase. Furthermore, it’s not a good option when it comes to accessibility standards. That’s because it might alienate users with vision or hearing impairments. Since there are indeed alternatives to CAPTCHAs, you might want to consider which option to use before implementing them.
What are the different kinds of CAPTCHAs?
There are lots of types of CAPTCHAs. Most websites use reCAPTCHA, which is a free solution (for up to 1,000,000 assessments per month) from Google. When you run into a contact form that uses reCAPTCHA, you’ll need to check a box that says, “I am not a robot.”
If the service detects any suspicious movement or activity with your connection, you’ll need to solve an image puzzle. In most cases, the puzzle will ask you to identify multiple similar elements from a cluster of images. Depending on the case, you might need to solve multiple image puzzles before submitting a form.
Aside from reCAPTCHA, you might also run into audio or video CAPTCHAs. These tend to be worse (from a user standpoint) because you’re required to watch and/or listen in full before you can solve the puzzle. In a lot of cases, this might not even be possible if you’re somewhere where you can’t listen to audio, don’t have a pair of headphones on hand, or have an impairment.
The ideal CAPTCHA is one that requires very little work from users while still providing a solid level of protection from spam. It should also be accessible to as many people as possible. Some CAPTCHA alternatives, like Akismet, can provide this.
What’s the best CAPTCHA alternative?
If you want to eliminate spam from your WordPress site, but don’t want to push away visitors with complicated, annoying tests, the best CAPTCHA alternative is Akismet.
Meet Akismet: The non-intrusive spam blocker
Akismet is one of the most popular WordPress tools on the market. It’s designed to help you prevent spam without adding complications for visitors, by identifying spam and malicious comments submitted through your site’s forms.
It’s ‘non-intrusive’ because Akismet can protect your website from spam without using CAPTCHAs. The service analyzes every comment and form submission on your website to see if it matches known spam or malicious IP addresses, or if it follows patterns that raise red flags (like linking to unrelated third-party sites).
You can configure Akismet to automatically delete these submissions or let you review them to check if they’re from real visitors. In either case, visitors never see a CAPTCHA when you’re using Akismet. Your site remains protected, and the user experience improves drastically.
Everything happens in the background. There’s nothing special for visitors to fill out. No puzzle, no audio to listen to, no stop signs to identify. Real visitors can go on their way none-the-wiser. Spam submissions are then identified and deleted or sorted for you to review later.
How to add Akismet to a WordPress contact form
Adding Akismet to WordPress contact forms is easy. You can do it in just a few steps. Still, the process can vary slightly depending on the type of contact form or plugin you’re using, so let’s discuss how it works!
Step 1: Install and activate Akismet
Non-commercial sites can use Akismet for free to stop spam comments and nefarious contact form submissions. To get started, you’ll need to install and activate the plugin.
Go to the Plugins tab in your WordPress dashboard. Then, click on Add New and use the search tool to look for the Akismet plugin. In a lot of cases, it will be an option among the top ‘featured’ plugins.
When you find the plugin, click on Install → Activate. Once the plugin is active, go to Settings → Akismet Anti-Spam. Under the Settings section, you’ll see a field where you need to enter an API key.
To get this key, go to the Akismet website and sign up for an account. After you sign up, you’ll get access to the Akismet dashboard. Go to the My Account tab and select the Add Subscription option.
On the next page, you’ll be able to choose which plan you want to use. The Personal plan uses a pay-what-you-want model, so you can sign up for free and use it for a single website. Keep in mind that you can only sign up for this free plan if you don’t run ads, sell products, or promote a business through your website.
After confirming your subscription, you’ll get access to an API key, which you can see in the My Account tab. Copy the key and return to the Settings → Akismet Anti-Spam screen in the WordPress dashboard. Paste it in the API Key field.
Click on Save Changes and that’s it. By default, Akismet will block comment spam and send it to a queue where you can review submissions in the dashboard. There’s an extra step involved if you want to use Akismet with a contact form.
Step 2: Integrate Akismet with your contact form
WordPress doesn’t offer contact form functionality out-of-the-box. That means most users rely on plugins to implement these types of forms on their websites. This step will depend on what contact form plugin you’re using.
Akismet works with most popular WordPress contact form plugins. Some plugins, like Formidable Forms and WPForms include built-in support for Akismet. With either plugin, you just need to enable the Akismet spam protection setting for each individual form.
Other plugins, like Gravity Forms, require you to set up Akismet add-ons to add spam protection to their forms. Finally, there are some tools, like Contact Form 7 and Ninja Forms which require you to add code snippets to your forms to enable support for Akismet. Fortunately, all three of these methods are pretty straightforward.
For the easiest solution, consider using Jetpack’s WordPress contact form functionality.
Read more: How to use Akismet with WordPress contact forms.
Step 3: Configure Akismet’s anti-spam settings
Akismet is pretty much a plug-and-play tool, which can be appealing if you’re looking for something quick and easy. In any case, it also gives you control over how you want to handle contact form spam.
By default, the plugin sends comments it flags as spam to a special ‘queue’ where you can review them (in the Comments section of the dashboard). Alternatively, you can configure Akismet to discard spam completely, so you don’t have to deal with it.
To do this, go to Settings → Akismet Anti-Spam and search for the Settings section. The option you’re looking for appears under Strictness.
Akismet does a great job of separating spam messages from real ones. That means you can choose to discard contact form spam without worrying too much about it. If you want to preserve every message to play it safe, opt for the Always put spam in the Spam folder for review setting.
Keep in mind that Akismet only stores spam comments for 15 days. After that, it deletes them automatically. This means you’ll want to review the queue every week or every two weeks at the most.
How to add CAPTCHA to a WordPress contact form
The process of adding CAPTCHAs to WordPress contact forms will depend on what service you’re using. Since reCAPTCHA is the most popular CAPTCHA solution on the web, we’ll show you how to integrate it with a WordPress contact form.
Step 1: Sign up for a reCAPTCHA account
If you already have a Google account, you can access reCAPTCHA right away. Simply visit Google.com/reCAPTCHA and select the v3 Admin Console option in the primary navigation menu.
Click on the plus sign icon in the reCAPTCHA dashboard and enter a label for your website. This can be any unique identifier. Then, choose what type of reCAPTCHA you want to use for your site.
The most common type of CAPTCHA is reCAPTCHA v2, which forces users to solve a challenge or a puzzle to make a submission.
Next up, look for the Domains field. Enter the domain of the website where you want to use reCAPTCHA.
After entering the domain, you’ll need to review reCAPTCHA’s terms of service, agree to them if you do, and submit the form. Then, reCAPTCHA will provide you with a site and a secret key. You’ll need both for the following steps, so keep the tab open or copy and paste them somewhere safe.
Step 2: Find a plugin that’s compatible with reCAPTCHA
There are a handful of WordPress contact form plugins that are compatible with reCAPTCHA. But, not all of them support it out-of-the-box. Some plugins will simply need an add-on, but a lot of them require you to add custom code directly to individual contact forms in order to display challenges.
What’s more, reCAPTCHA doesn’t offer documentation showing which WordPress plugins are compatible with it. However, the most popular contact form plugins will likely have an integration method.
If you’re not sure whether the plugin you’re using is compatible with reCAPTCHA, you should check its documentation. If you discover that it’s compatible, you should be able to find instructions on how to implement the anti-spam system with your contact forms.
Frequently asked questions about CAPTCHA and WordPress forms
If you have any questions left about CAPTCHAs and how they work, this section will answer them. Let’s start by reviewing what CAPTCHAs are.
What is CAPTCHA?
A CAPTCHA is a kind of test designed for users to prove that they’re humans and not bots. This is necessary because most websites with comment sections or contact forms have to deal with a lot of bots and spammers.
These bots tend to leave spam comments pointing toward other websites or try to find vulnerabilities in forms. CAPTCHAs help stop them since they require some level of human ingenuity to solve. Typically, CAPTCHAs involve image puzzles, but they can also use video or audio.
What is reCAPTCHA?
reCAPTCHA is a CAPTCHA tool offered by Google. It functions as a ‘freemium’ service that provides up to 1,000,000 assessments per month in as many forms as you need.
If you implement reCAPTCHA, visitors need to check a box before submitting a form to confirm they are human. The service may request additional confirmation in the form of visual tests if it detects any anomalies.
What is contact form spam?
Spam is everywhere online, from comment sections to contact forms. Every time you create a form, you open another venue for spam. There are a lot of bots and people dedicated to using forms to submit spam, ranging from promoting their own content to sharing links to malicious sites.
Contact form spam is any submission that’s not designed to fulfill the purpose of the form but to bypass it or to trick you into taking an action with negative consequences. This type of spam is typically easy to spot, but dealing with it can take up a lot of time you could otherwise spend responding to legitimate queries.
Is CAPTCHA the best solution for contact form spam?
CAPTCHAs are an effective way to reduce contact form and other types of spam. But, research shows that users react very negatively to CAPTCHAs. On average, 30 percent of users leave a page when they see a CAPTCHA.
Although CAPTCHAs work, you need to decide whether they’re worth the loss of legitimate visitors and potential conversions. Moreover, there are alternatives to CAPTCHAs that are less intrusive, like Akismet. Alternative anti-spam tools that don’t force visitors to solve puzzles will offer a much better experience than CAPTCHAs.
Akismet vs CAPTCHA: Which one should I choose?
The answer to this question depends on what type of website you’re running and the user experience you want to offer. For ecommerce sites, the loss in visitors and conversions that CAPTCHAs often cause can result in a significant loss of revenue.
For contact forms specifically, using regular CAPTCHAs means you’ll lose out on some potential queries. Solutions like Akismet are less intrusive and just as effective. If you’re using WordPress, implementing Akismet is remarkably simple, which makes it a better solution than CAPTCHAs.
Will Akismet work with my contact form plugin?
Akismet works with most WordPress contact form plugins (at least the well-known options). Some plugins offer out-of-the-box compatibility with Akismet whereas others require you to install add-ons. For some plugins, you may need to add custom code to your forms, but the process is usually very simple.
How many WordPress websites trust Akismet?
Akismet is one of the most popular WordPress plugins in the world, bar none. There are over five million active installations of Akismet at the moment, and that number keeps rising.
In fact, many web hosts offer Akismet as one of a handful of plugins that come pre-installed with their WordPress setups. That’s because using Akismet from the get-go can help you reduce the level of spam you deal with and, thus, secure your website.
If you want to implement an anti-spam solution that doesn’t require you to force visitors to solve puzzles, Akismet is the way to go. Millions of users already trust Akismet to protect their sites, and it’s free for non-commercial sites. That’s why we listed it as one of the must-have plugins for WordPress sites.
Use Akismet to prevent spam in WordPress
If you have a website with forms, you probably need to implement some sort of spam protection. For a long time, CAPTCHAs have been the industry go-to. They’re relatively easy to implement, and they get the job done. Still, it’s unwise to ignore the negative effect they have on the user experience. Simply put, people do not like CAPTCHAs.
For the best spam protection without annoying site visitors, you should consider an alternative like Akismet. It’s cost-effective and simple to get started.
Want to keep your customers happy while also protecting your WordPress site from spammers and bots? Sign up for Akismet today!
Explore the benefits of Jetpack
Learn how Jetpack can help you protect, speed up, and grow your WordPress site.
Try it for $1.00 for the first month.Compare plans