# Honeypot spam filtering

> Formspree Docs · Building Your Form · Updated December 10, 2025

#### Available on: All plans

Sometimes you can fool automated form scrapers by adding a hidden "honeypot" input with the name `_gotcha`. This is an input field that normal visitors won't fill out because it's hidden with CSS. However an algorithm scraping forms might not know to ignore the field, and might fill it with spammy content.

When our servers receive a submission, if the `_gotcha` field is filled in, we take that as a sign that a bot has submitted the form, and we silently ignore the submission.

All forms come with [reCAPTCHA](https://www.google.com/recaptcha/intro/), which uses machine learning techniques to distinguish between humans and bots, so for most forms this isn't necessary.

Here's an example of how to use the `_gotcha` field. Note that we use an inline style here, but it's best to hide the input with a CSS class.

```html
<input type="text" name="_gotcha" style="display:none" />
```