The fully automated public Turing test to distinguish between computers and humans is one of the most annoying features of the Internet. You know it as a CAPTCHA, the feature that forces you to identify yourself as a human before continuing to log in. It’s a smart security feature, but that doesn’t make it any less annoying. Now that iOS 16 is available on iPhone, you can bypass most CAPTCHA systems that will come your way. And the good news is that the feature will soon be available for more services.

How to bypass CAPTCHA in iOS 16

We told you about iOS 16’s brilliant CAPTCHA bypass back in June when the first betas hit iPhone.

It’s a feature that’s pretty easy to set and forget about. Even better, it should be enabled by default on your iPhone.

If you don’t know if it’s enabled on your iPhone, make sure you’ve installed iOS 16 and then go to Settings app. Tap your name to enter iCloud settings and search Password and security menu.

You’ll want to in there activate on Automatic check option. This is the actual CAPTCHA bypass that comes with iOS 16. Here’s how Apple describes it on the iPhone:

Bypass CAPTCHA in apps and on the web by letting iCloud automatically and privately verify your device and account.

Improved privacy is another big win for Apple’s CAPTCHA verification system.

iOS 16’s CAPTCHA bypass feature. Image source: Chris Smith, BGR

More websites to support the feature

As easy as it is to bypass CAPTCHA in iOS 16, enabling the feature is not enough to get rid of all those CAPTCHA checks. Websites and apps must support Private Access Token for the feature to work.

Fortunately, Cloudflare just announced a free API for companies so that their websites and apps can eliminate CAPTCHA on devices that have built-in features like iOS 16’s automatic verification. Here it is how will it work:

Private access tokens are built directly into Turnstile. While Turnstile needs to look at some session data (such as headers, user agent, and browser characteristics) to validate users without challenging them, Private Access Tokens allow us to minimize data collection by asking Apple to authenticate the device instead us. In addition, Turnstile never seeks cookies (such as a login cookie) or uses cookies to collect or store information of any kind. Cloudflare has a long history of investing in user privacy, which we will continue with Turnstile.

The best part about it is that it’s free for any website owner to use, not just Cloudflare customers. Cloudflare also emphasizes the privacy aspect of CAPTCHA systems and its commitment to user privacy.

Apple’s CAPTCHA bypass in iOS 16 is the result of a collaboration with Cloudflare. The feature will also be available in iPadOS 16 and macOS Ventura later this year when both operating systems arrive.


More Apple coverage: For more Apple news, visit our iPhone 14 guide.


iOS 16’s game-changing CAPTCHA bypass is about to get even better

Previous articleGM Cruise robot taxis are causing headaches for San Francisco drivers
Next articleMore design tools, improved lists, easier block switching – WordPress.com news