CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is a verification method that makes sure that a human being is interacting with websites. It can be used for admin login and customer logins.
You can click the Reload button to reload the CAPTCHA. The CAPTCHA is configurable and can be set to display every time or only after some failed login attempts.
Admin CAPTCHA
CAPTCHA can be added to the admin login box. Administrators can reload CAPTCHA by clicking the Reload icon
To configure an admin captcha, follow these steps:
Stores > Configuration > On the left of the panel, under Advanced, click Admin > Set Store View to “Default.” > Open the CAPTCHA tab and follow these steps:
- Set Enable CAPTCHA in Admin to “Yes.”
- Enter the Font for the CAPTCHA symbols. Default font: LinLibertine.
- You can add your font by putting the font file in the same directory as your Magento instance, declare in the config.xml file of the Captcha module at app/code/Magento/Captcha/etc.
- Select the Forms where the CAPTCHA is to be used:
Admin Login
Admin Forgot Password
- Set Displaying Mode to one of these options:
| Always | CAPTCHA is always required to log in the Admin. |
| After a number of attempts to login | In the field Number of Unsuccessful Attempts to Login, enter the number of login attempts allowed. Input 0 to Displaying Mode to Always. This option does not cover the Forgot Password form. If CAPTCHA is enabled and configured to display on this form, then it is always included on the form. |
- Enter the Number of Unsuccessful Attempts to Login before the CAPTCHA displays. If enter 0, the CAPTCHA is always used.
- In the CAPTCHA Timeout (minutes) field, enter the number of minutes before the CAPTCHA expires. When the CAPTCHA expires, the user must reload the page.
- Enter the Number of Symbols used in the CAPTCHA, the maximum number is eight.
- In the Symbols Used in the CAPTCHA field, specify the symbols that can be used in the CAPTCHA.
- Set Case Sensitive to “Yes” to require that users enter the characters exactly as shown
- Click Save Config.
Customer CAPTCHA
You can configure to force the customer to enter the CAPTCHA each time to login or after a certain time of login failed.
Follow these steps to configure a Storefront CAPTCHA:
Stores > Configuration > Configuration > Customer Configuration > Open the CAPTCHA tab and do these steps:
- Set Enable CAPTCHA on Frontend to “Yes.”
- Enter the name of the font for CAPTCHA symbols.
- Choose the Forms
- Set Displaying Mode
- Enter the Number of Unsuccessful Attempts to Login
- CAPTCHA Timeout (minutes): Enter the minutes before the CAPTCHA expires
- Enter the Number of Symbols in the CAPTCHA, the maximum number is eight.
- Specify the symbols that can be used in the CAPTCHA in the Symbols Used in the CAPTCHA
- Set Case Sensitive to “Yes” to include uppercase and lowercase in your CAPTCHA.
- Click Save Config
