Web security has become vital, as the practice of internet is embryonic nowadays. To protect network from adversaries and to improve web security, researches has been done for a long time. The most solemn issue is phishing attack as well as access of web services by illicit users. Many users are not even sentient about phishing websites. Phishing is a kind of falsified approach employed by an attacker to get sensitive information from the users who are unaware of phishing attacks. User authorization is a noteworthy security measure that confirms the integrity of the user and ensures the confidentiality associated user data. The significant work done here is to prevent web users from entering into phishing websites and to provide web access only to authorized users via web server. Applications based on CAPTCHA provides more security against attacks. The proposed novel technique identifies phishing websites and authorized web access using Cropped Image CAPTCHA algorithm. The image CAPTCHA technique is not easily prone to web attacks moreover. Threshold values and conditions are defined. Based on this, Cropping-Based Image CAPTCHA System appraises if the website is phishing website or legitimate website furthermore denies acquiescence to web admittance for unconstitutional users. Copyright © 2017 John Wiley & Sons, Ltd.