Generally described, computing devices may provide network content or services. Some network content or services are only available to users after a user creates an account or otherwise provides personal information, such as name, email address and/or other information. Typically, account creation requires submitting one or more forms with information related to the user. Malicious attackers use automated scripts or robots (sometimes referred to as bots) to repeatedly complete network forms to achieve some benefit or gain, such as gaining access to network content or services. One response to malicious attackers is to implement a test to distinguish between humans and computers or automated scripts. For example, the Completely Automated Public Turing test to tell Computers and Humans Apart (“CAPTCHA”) is commonly used that may display text as a graphic, which may be partially obscured or distorted, and require the user to respond with an answer. If a user cannot correctly answer the CAPTCHA, then access to the network form, content, or service may be denied.