I have a phpBB 3 forum. In the pass, my board was flooded by many spammers (about 500 posts every night). So I was enable reCAPTCHA to prevent. Everything seemed to OK to recently days.
Yesterday and today, I am socked because of many spams. I am doubting reCAPTCHA's solid in the battle of violent spammers.
When trying to play with reCAPTCHA, I realize that we don't need type all of characters of two words to valid. We can type first word (easy to read) and the first letter of second word is enough to reCAPTCHA accepts me.
First word in reCAPTCHA is not complicated, I think, some crazy spammers could crack by writing an OCR utility to read and auto-fill form.