CAPTCHAs are tests used by resource-rich websites to ensure that humans, but not malicious automated programs, have access to their resources. Most CAPTCHAs are visual tests (e.g. identifying distorted text), but auditory versions are necessary to provide access to the visually impaired, and are currently deployed at commonly used websites such as Google and Facebook. To be effective at deterring automated programs, they must be at least as secure as their visual counterparts. Assuming that the attacks against auditory CAPTCHAs will depend on automatic speech recognition systems (ASRs), we undertook the project of designing auditory CAPTCHAs that would take advantage of the weaknesses in ASRs as compared to the human auditory system. Examples of such weaknesses of ASRs, relative to humans, include impeded recognition in the presence of broadband and time-varying noise such as multiple simultaneous speakers. Results show that a combination of such disruptive noise types can outperform currently employed techniques while still maintaining human intelligibility.