A CAPTCHA is a program that protects websites against bots by generating and grading tests that humans can pass but current computer programs cannot. The term “CAPTCHA” is an acronym for “Completely Automated Public Turing Test to Tell Computers and Humans Apart.”
In Magento, CAPTCHA can be used for both the Admin and customers. This tutorial will guide you to configure CAPTCHA for Admin and customers in Magento 2.
Configuring CAPTCHA for Admin in Magento 2
Before going into configuring CAPTCHA for your Magento store, first, you’ll need to have an API key pair (Google API website key & Google API secret key) for your website. This key pair is necessary for invoking Google’s reCAPTCHA service, as well as for verifying the user’s response.
Step 1: Go to Stores > Settings > Configuration in your Magento backend.
On the left side navigation panel, expand Advanced and choose Admin.
Go to CAPTCHA and you’ll see a section like below:
Step 2: On the upper-left corner, set Store View to “Default Config”.
Step 3: Configure fields to your requirements
- Enable CAPTCHA in Admin: choose Yes
- Font: set the font for CAPTCHA (or tick on Use default value)
- Forms: choose the forms in which the CAPTCHA is applicable. To choose multiple forms, hold the Ctrl key (PC) or Command key (Mac).
- Displaying mode: choose either ‘Always’ or ‘After a number of attempts to login’
- Number of unsuccessful attempts to login: enter the number of attempts before CAPTCHA appears. If the number is 0, CAPTCHA is always required.
- CAPTCHA timeout: enter the minutes before a CAPTCHA expires. If the CAPTCHA is expired, the user needs to reload the page for a new one.
- Number of symbols: fill in the number of symbols that appear in each CAPTCHA (up to 8). For a variable number of symbols that changes with each CAPTCHA, enter a range (such as 4-8).
- Symbols used in CAPTCHA: specify the symbols that can be used in the CAPTCHA.
- Case sensitive: Set to Yes if you want to require administrators to enter the characters in upper/ lowercase exactly as shown in the CAPTCHA.
Step 4: After you complete all the fields, click Save Config.
Enable CAPTCHA for customers
CAPTCHA for customers are usually required in these cases:
- Customer sign up for an account
- When they log in into their account
- Forgot password
- Checkout as guest
- Register during checkout
The steps to configure CAPTCHA for customers are quite similar to those for admin.
Step 1: Go to Stores > Settings > Configuration in your Magento backend.
On the left side navigation panel, expand Advanced and choose Customers > Customer configuration.
Go to the CAPTCHA section.
Step 2: Configure the fields in this CAPTCHA section (similar to configuring CAPTCHA for admin) :
- Enable CAPTCHA on Storefront: change to Yes
- Font
- Forms: choose the cases that a CAPTCHA will appear – Checkout; Login; Forget password, etc. Hold the Ctrl key (PC) or Command key (Mac) and click to choose multiple options.
- Displaying mode
- Number of unsuccessful attempts to login
- CAPTCHA timeout
- Number of symbols
- Symbols used in CAPTCHA
- Case sensitive
Step 3: When finished, click Save Config.
See also:
How to Add and Configure Multi Language for your Magento Store
How to Configure Image Sizes in Magento