For a number of years, many websites have used CAPTCHAs to filter out
interactions by bots. However, attackers have found ways to circumvent CAPTCHAs
by programming bots to solve or bypass them, or even relay them for humans to
solve. In order to reduce the chances of success of such attacks, CAPTCHAs can
be strengthened by the addition of certain safeguards. In this paper, we
discuss seven existing safeguards as well as five novel safeguards designed to
make circumventing CAPTCHAs harder. These safeguards are not mutually exclusive
and can add multiple layers of protection to a CAPTCHA. We further provide a
high-level comparison of their effectiveness in addressing the threat posed by
CAPTCHA-defeating techniques. In order to focus on safeguards that are usable,
we restrict our attention to those which have minimal adverse effect on the
user experience