How to Enable Admin Login Captcha in Magento 2

Adding captcha requirement to the Admin login and Forgot password page helps increase your store security to the next level. The captcha number will be able to reload unlimitedly when users click on the Reload icon.

In the previous topic, we introduced how to enable customer login or register Captcha in Magento 2. Now we will continue to show you how to enable admin login Captcha in Magento 2.

FREE Mageplaza’s module help you protect online store Magento 2 security extension Magento 2 Two-Factor Authentication Magento 2 Google reCAPTCHA

4 Steps to Enable an Admin CAPTCHA in Magento 2

1. On the Admin panel, click Stores. In the Settings section, select Configuration.
2. Select Admin under Advanced in the panel on the left
3. Open the CAPTCHA section, and continue with following:

• In the Enable CAPTCHA on Frontend field, select “Yes” to enable CAPTCHA on Frontend
• In the Font field, select the name of the Font to be used for the CAPTCHA symbols. The default is LinLibertine.
• In the Forms field, select one of the following forms where CAPTCHA is to be used
  • Admin Login
  • Admin Forgot Password
• In the Displaying Mode, choose one of the following
  • Always
  • After number of attempts to login
• In the Number of Unsuccessful Attempts to Login field, enter the number of unsuccessful attempts to login before captcha appears. If you enter Zero, the Captcha will be always available
• In the CAPTCHA Timeout (minutes) field, enter the number of minutes before the CAPTCHA expires. When the CAPTCHA expires, the user must reload the page to generate a new CAPTCHA.
• In the Number of Symbols field, enter the range number of symbols that CAPTCHA will be changed in, for example: 3-7. The maximum number of symbols is eight.
• In the Symbols Used in CAPTCHA field, specify the symbols that can be used in the CAPTCHA. Set only letters (a-z and A-Z), or number (0-9) to enter into the box. No spaces or other characters are allowed and the similar symbors is not used in the default.
• In the Case Sensitive field, select Yes if you require that the user enters the uppercase and lowercase characters exactly as shown
  1. When complete, click Save Config

Enable Admin Login CAPTCHA by Mageplaza Google reCAPTCHA

Google reCAPTCHA by Mageplaza is a solution for both customer management and admin approval:

• Enable both visible and invisible Google reCAPTCHA
• Add reCAPTCHA to various forms as you wish
• Support Admin Login and Admin Forgot Password

You can take a look at how Google reCAPTCHA works on actual stores here.

Discover Mageplaza Google reCAPTCHA in Magento 2

The bottom line

You can either enable the Admin Login CAPTCHA in Magento 2 thanks to the default Magento 2 or by using Mageplaza Google reCAPTCHA extension. Protecting your site from automatic bots and online fraud is essential to create a safe environment and improve users’ experience. Other related posts can be found below, and if you still have questions about security issues, feel free to mention them with us.

Related Topics

• Reset admin password
• Set Password Options for Customers
• Create New Admin User
• Enable Admin Login Captcha
• Secure Your Admin
• Security Checklist
• How to reset a locked Admin account
• How to reset a locked Admin account
• Download Securty module on Github