How to Enable Customer Login / Register Captcha in Magento 2

Magento 2 supports administrators to set CAPTCHA requirement for each time customers log into their accounts. This CAPTCHA enables the website to avoid spam and prevents the robots from login to the website. Thus, to effectively increase your store security and build customers’ trust, you should enable Admin login Captcha and install the Security module.

In the backend, you can configure whether customers are required to enter a CAPTCHA each time they log into the website, or after several unsuccessful attempts to log in.

Where can you enable CAPTCHA in Magento 2

Admins can configure to show CAPTCHA requirement for the following forms in the storefront:

• Create User
• Login
• Forgot Password
• Checkout as Guest
• Register During Checkout
• Contact Us

You can check these FREE Mageplaza’s module help you protect online store:

• Magento 2 Two-Factor Authentication
• Magento 2 Google reCAPTCHA

Steps to Configure a Storefront CAPTCHA in Magento 2

Please follow these steps to complete enabling a CAPTCHA at the storefront:

• On the Admin panel, click Stores. In the Settings section, select Configuration.
• Select Customer Configuration under Customers in the panel on the left
• Open the CAPTCHA section, and continue with following:

• In the Enable CAPTCHA on Frontend field, select “Yes” to enable CAPTCHA on Frontend
• In the Font field, select the name of the Font to be used for the CAPTCHA symbols. The default is LinLibertine.
• In the Forms field, select one of the following forms where CAPTCHA is to be used
  • Create User
  • Login
  • Forgot Password
  • Checkout as Guest
  • Register during Checkout
• In the Displaying Mode, choose one of the following
  • Always
  • After number of attempts to login
• In the Number of Unsuccessful Attempts to Login field, enter the number of unsucessful attempts to login before captcha appears. If you enter Zero, the Captcha will be always available
• In the CAPTCHA Timeout (minutes) field, enter the number of minutes before the CAPTCHA expires. When the CAPTCHA expires, the user must reload the page to generate a new CAPTCHA.
• In the Number of Symbols field, enter the range number of symbols that CAPTCHA will be changed in, for example: 3-7. The maximum number of symbols is eight.
• In the Symbols Used in CAPTCHA field, specify the symbols that can be used in the CAPTCHA. Set only letters (a-z and A-Z), or number (0-9) to enter into the box. No spaces or other characters are allowed and the similar symbors is not used in the default.
• In the Case Sensitive field, select Yes if you require that the user enter the upper-and lowercase characters exactly as shown
• When complete, click Save Config

A better CAPTCHA solution for your store

To protect your store without effort, Google reCAPTCHA by Mageplaza supports you with easier and quicker installation, as well as outstanding features:

• Visible and Invisible CAPTCHA supported
• Use reCaptcha in any forms
• Support reCAPTCHA in the backend
• Enable multi languages in CAPTCHA puzzles
• Works out of the box with other extensions: Blog, Social Login, One Step Checkout

Discover Mageplaza Google reCAPTCHA here

Final words

Today we have discussed how to enable Customer Login and Register CAPTCHA in Magento 2 to give your store a secure protection. However, the default Magento 2 only gives basic CAPTCHA solutions, while online stores need more than that. That is why we highly recommend you to try our Google reCAPTCHA to increase user experience without effort. If you still have doubts, take a look at these actual case studies. Also, please find some other security related topics below for your interest.

Related Topics

• Security Checklist
• Secure Your Admin
• How To Stop Brute Force Attacks