Saturday, September 30, 2023

Cloudflare’s Turnstile Is The Next CAPTCHA Replacement To Determine If You’re Human

Must read

Shreya Christina
Shreya has been with for 3 years, writing copy for client websites, blog posts, EDMs and other mediums to engage readers and encourage action. By collaborating with clients, our SEO manager and the wider team, Shreya seeks to understand an audience before creating memorable, persuasive copy.

Turnstile is presented as “an easy-to-use, privacy-preserving alternative” to CAPTCHA. According to a press release, it will remove the interactive challenges used to authenticate people, which Cloudflare says normally take 32 seconds to pass, and reduce the entire process to one second.

An interaction-free test that reduces confirmation time to one second

Instead of presenting a user with a visual puzzle, Turnstile applies one of the many browser challenges it spins to search for human behavior, increasing the difficulty if a visitor exhibits “non-human behavior.” Turnstile uses JavaScript-based challenges that read the web browser environment for signals indicating that a person is entering the site, cycle through tests such as proof of work, proof of space and web API searches. It also uses machine learning models to compare previously successful challenges with new ones, speeding up the process.

Instead of seeing a puzzle, you only see this banner as confirmation that you are human.

Instead of seeing a puzzle, you only see this banner as confirmation that you are human.
Image: Cloudflare

While hardware keys can work well, they require that users always have access to them. So the company has also created a version that can ‘ask’ a trusted device (smartphone or otherwise) whether it is indeed not controlled by a bot.

Cloudflare’s Turnstile is now available in beta, free to use, and you don’t need to use the company’s other web services or send your traffic through its network. The process to set it up is detailed on Cloudflare’s website and involves replacing your current CAPTCHA JavaScript with one that calls the Turnstile API.

More articles

Latest article