Why? Well, to answer this quickly and as short as possible, it is to stop spam. First of all, you may want to know what is CAPTCHA and what is it stand for? The full form of CAPTCHA is a Completely Automated Public Turing test to tell Computers and Humans Apart. It is a type of challenge-response test used in computing to determine whether or not the user is human. In simple terms, it distinguishes between humans or bots.
These days, there are numbers of websites powered by WordPress. It ranges from small business to large corporate sites. These sites are often targeted by spammers. The reason behind this is simple, money. There could be other reasons too but primarily money is what makes them do it.
Spammers use automated tools to send form submissions. Spam not only flood your comment section but may also overwhelm the server resulting hosting provider to suspend your website. This will have an adverse effect on your business and may cost you a lot.
So, how do we stop it? Simple, make use of CAPTCHA. If you are using WordPress, it is even simpler. WordPress usage countless plugins from where you can choose the right option for you. Personally, I prefer you to check out Google recaptcha. You just need to generate your own key here and use it in the plugin that requires Google key. This will not only stop spam comments but will also help you to fight against automated brute force attack in your WordPress login page.