Can anyone tell me what does CAPTCHA do as far as security issue is concerned?Registration form of many sites have this field but how it works?
Completely Automated Public Turing Test To Tell Computers and Humans Apart
It prevents hackers from posting forms using automatic scripts, by requiring the user to input data read from images which are difficult to read automatically. The text can also be in the form of a sound, as per @BeRecursive's comments See this site.
It is used for logins as well as on other data entry forms. Here on Stack Overflow, if you edit answers or questions a number of times, you will be prompted before further edits are accepted.
There are two main forms. One has a single combination of characters that the user has to enter, the other, such as on SO has two.
The CAPCHA with two words usually consists of a word known to the Web Application and a second word that it is trying to decipher. See this site (thanks @Piskvor) The first word is used for validating the user and the answers to the second word are compared to other users' answers for that word and in this way the probable meaning of the text is determined. This is performed as a public service to organisations such as Libraries and Public Archives that are scanning large numbers of historical documents. The Optical Character Recognition (OCR) is not perfect and sometimes the meaning cannot be determined. So the word is made available in the CAPTCHA of a participating website and the meaning is determined. This process has no affect on the user of the website as it is only the first word that is used to determine whether they are a robot.
CAPTCHA
is just a riddle in the form of image or sound. "Stupid" bots can't solve the riddle and so they can't enter the correct answer to the riddle. If the correct answer is not entered, then there is no registration. Simple as that:)
it is an attempt to stop bots from registering on a site, it works by generating and image with text on it, the idea is that it very difficult (though apprently not impossible) to write a bot that can recognize the text within an image, this is also why the text is in wierd fonts (sometimes making it impossible for human, well me, to read!!)
here is a good link
A CAPTCHA is a "Completely Automated Public Turing test to tell Computers and Humans Apart". This basically means it is a simple test that makes it easy for a programmer to tell if a user is a computer or a person. It is usually visual and it relies on the fact that object recognition (including characters) is in its infancy at the moment. Recognizing letters is trivial for a human, however.
This ensures that the only users who will be able to fill in the form are those that can easily identify the objects on the CAPTCHA, usually characters. This is generally used to prevent automated form filling by bots (and to prevent spam)
Its purpose is as a challenge-response test to demonstrate that the person using it is a human being and not an automated program. It doesn't really "secure" a website, it just makes it increasingly difficult for an automated system to access that functionality of the site. The idea is that some functions (such as posting a comment on a forum) should be done by real humans only and not automated processes.
This complexity can range wildly. There's the common "distorted text" CAPTCHA which requires the user to enter text displayed in an image designed to be difficult for a computer to read, but those are getting increasingly easier to beat with software. For accessibility purposes there are audio CAPTCHAs which play a short clip of a word and the user enters what they hear. I've even seen ones that ask simple questions that any reasonable person should be able to answer but may stump a computer that wasn't prepared for it. Some of my favorites are a matrix of pictures that say "click on the cat" or something else innocuous, which again a computer probably won't be able to do easily but a human would.
See Wikipedia: http://en.wikipedia.org/wiki/CAPTCHA
See Captcha.net: http://www.captcha.net/