How to Enable Customer Login / Register Captcha in Magento 2
Magento 2 supports administrators in setting a CAPTCHA requirement for customers when they log into their accounts. This CAPTCHA helps prevent spam and blocks bots from accessing the website, increasing security and enhancing customer trust. To improve your store's security, you should enable Admin Login Captcha and install the Security module.
In the backend, you can configure whether customers must enter a CAPTCHA each time they log in or only after several failed login attempts.
Where Can You Enable CAPTCHA in Magento 2?
Admins can enable CAPTCHA for the following forms in the storefront:
- Create User
- Login
- Forgot Password
- Checkout as Guest
- Register During Checkout
- Contact Us
Steps to Configure Storefront CAPTCHA in Magento 2
Follow these steps to enable CAPTCHA on the storefront:
- On the Admin panel, click Stores. In the Settings section, select Configuration.
- Select Customer Configuration under Customers in the left panel.
- Open the CAPTCHA section and proceed with the following configurations:
- In the Enable CAPTCHA on Frontend field, select Yes to enable CAPTCHA on the frontend.
- In the Font field, choose the font for CAPTCHA symbols. The default is LinLibertine.
- In the Forms field, select one or more forms where CAPTCHA should appear:
- Create User
- Login
- Forgot Password
- Checkout as Guest
- Register During Checkout
- In the Displaying Mode field, choose one of the following options:
- Always
- After a number of unsuccessful login attempts
- In the Number of Unsuccessful Attempts to Login field, specify the number of failed login attempts after which CAPTCHA appears. Entering 0 will always show CAPTCHA.
- In the CAPTCHA Timeout (minutes) field, specify the number of minutes before CAPTCHA expires. After expiration, users must reload the page to generate a new CAPTCHA.
- In the Number of Symbols field, set the range of symbols for CAPTCHA (e.g., 3–7). The maximum is eight symbols.
- In the Symbols Used in CAPTCHA field, define the symbols allowed in CAPTCHA (letters a–z, A–Z, or numbers 0–9). No spaces or special characters are allowed.
- In the Case Sensitive field, select Yes if the CAPTCHA is case-sensitive.
- When finished, click Save Config.
Final Words
We’ve discussed how to enable Customer Login and Register CAPTCHA in Magento 2 to secure your store. While the default Magento 2 CAPTCHA is a basic solution, modern stores may require advanced options. We recommend trying Google reCAPTCHA to enhance security and user experience. For further insights, explore actual case studies for effective implementation.