CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart. It is a type of security measure known as challenge-response authentication that helps protect websites from spam, password decryption, and unauthorized account entry by asking users to complete a simple test that proves they are human and not a computer trying to break into a password-protected account. CAPTCHA tests are made up of two simple parts: a randomly generated sequence of letters and/or numbers that appear as a distorted image, and a text box. To pass the test and prove human identity, users simply type the characters they see in the image into the text box.

CAPTCHAs are designed so that humans can complete them, while most robots cannot. They are used to prevent spam on websites, such as promotion spam, registration spam, and data scraping, and bots are less likely to abuse websites with spamming if those websites use CAPTCHA. Many websites use CAPTCHA effectively to prevent bot raiding. CAPTCHAs are also used to authenticate that the entity attempting to access the resource is actually human and not a bot or other piece of malicious software.

While primarily used for security reasons, CAPTCHAs can also serve as a benchmark task for artificial intelligence technologies. According to an article by Ahn, Blum, and Langford, "any program that passes the tests generated by a CAPTCHA can be used to solve a hard unsolved AI problem." They argue that the advantages of using hard AI problems as a means for security are twofold.

In summary, the purpose of a CAPTCHA is to differentiate between real users and bots, prevent spam, and strengthen the security around the most sensitive account access points.