According to Wikipedia, “reCAPTCHA is a CAPTCHA (Completely Automated Public Turning test to tell Computers and Humans Apart) system, which is a system that allows web hosts to distinguish between human and automated access to websites.”

Google reCAPTCHA provides a shield to protect websites from fraud and abuse by using an advanced risk analysis engine and adaptive challenges to make sure malicious software stays away from your website.

Magento uses Google reCAPTCHA for both storefront and admin, which supports 3 methods of reCAPTCHA: reCAPTCHA v2 (“I'm not a robot”), reCAPTCHA v2 invisible and reCAPTCHA v3 invisible.

Set up Google reCAPTCHA to get key

Step 1: Go to google reCAPTCHA create page (if the language is not English, you can open this link with an incognito browser)

Step 2: Fill the information. At this step, we will demonstrate for reCAPTCHA v2 “I'm not a robot” first.

Set up Google reCAPTCHA to get key
Set up reCAPTCHA: reCAPTCHA v2 “I'm not a robot”
  • reCAPTCHA type: Magento 2 uses 3 types of reCAPTCHA, so you need to set up 3 times to get 3 different keys: reCAPTCHA v3, reCAPTCHA v2 “I'm not a robot”, reCAPTCHA v2 invisible reCAPTCHA badge. We will create reCAPTCHA “I'm not a robot” first, so just click on “I'm not a robot” Checkbox.
  • Accept the reCAPTCHA Terms of Service: click to accept Google conditions.

Step 3: Click on Submit button

Step 4: Copy the key and paste on Magento configure

Copy the key and paste on Magento configure
Set up reCAPTCHA: Add reCAPTCHA to your site

Set up reCAPTCHA Configuration

This will demonstrate for configuration of the admin page. For the storefront, you can do the same thing.

Step 1: On the Admin Nav bar, go to Store > Configuration > Security > Google reCAPTCHA Admin Panel.

Set up reCAPTCHA Configuration

Step 2: Expand reCAPTCHA v2 (“I am not a robot”)

Expand reCAPTCHA v2

Step 3: Paste site key and secret key setup in google reCAPTCHA page to Google API Website Key and Google API Secret Key

google reCAPTCHA page to Google API Website Key

Step 4: Scroll down to Admin Panel tab

Admin Panel tab

This will config which type of reCAPTCHA appears and when it will be applied, login to admin page or forgot password.

Step 5: Save Config and Flush cache

Here is the result:

Admin login

Admin login
Set up reCAPTCHA: Admin login interface

Customer login

Customer login
Set up reCAPTCHA: Customer login interface