@_leonardo_ said:
is it simple enough that my grandma could get past it? yes.
is someone going to code a robot to exploit it? probably not. And if they did, you could change the 'hint' to 'remove all X's from this group of letters', and other easy human-readable instructions.
i dub it: good enough.
... then again, if we could see under the hood, who knows what ghastly authentication we might find...
True, but it still shows lack of knowledge on what a captcha actually
does. Because if you're trying to do an anti-spam system based on that (there are many sites that use one) you just add "type XYZ here to continue", or an invisible field, some javascript checks, whatever. You don't need to dynamically generate letters and spaces because the whole point is that nobody is going to spend even 30 seconds coding a spam bot just for your site.
Some time ago I tried searching for more info on "alternative Captchas" (the ones where you have to tell cats apart from dogs, or rotate a picture, etc.) and the amount of cargo cultism was astounding. There were hundreds of results that were just "Hey guys, I had an idea, what if instead of typing a word you just have to drag something from left to right?" that were clearly from people who thought a captcha is just a chore you have do do before you can register or send a message.