Generally, Magento 2 owners focus so much on customer security that stays on the frontend; they often neglect the importance of having security for the backend side.
Having amazing security in Magento 2 website for admin login is very important because the complete website handling is being done from in the backend using the admin panel.
To safeguard your Magento 2 frontend forms from spam and bot attacks, you can add Google RECAPTCHA in Magento 2. Backend or admin login security is as important as frontend and default Magento 2 provides the facility to improve the security of the admin login by enabling captcha. Even if the admin tries to hit the login button multiple times, the admin user has to enter captcha to login to the Magento 2 admin panel.
According to Wikipedia, A CAPTCHA – Completely Automated Public Turing Test to tell Computers and Humans Apart, is a type of challenge-response test used in computing to determine whether or not the user is human.
In general terminology, CAPTCHA is a program that distinguishes human from the machine input basically to stop spams from extracting data from a website.
Earlier, I posted many solutions that ease the administration for store admins in Magento 2 such as changing the admin startup page in Magento 2. Today, I have come up with the steps to enable captcha for admin login in Magento 2.
Steps to Enable CAPTCHA for Admin Login in Magento 2
1. Log in to Magento 2 Admin Panel and go to Stores > Configuration > Advanced > Admin > CAPTCHA
2. Select YES to enable CAPTCHA for the admin login.
3. Select the font to be used for the CAPTCHA display.
4. Select the admin forms where you want to enable CAPTCHA.
5. Set displaying mode to always to show CAPTCHA for each login attempt.
6. Enter CAPTCHA timeout in minutes.
7. Enter a range of the number of symbols to be used in the CAPTCHA display.
8. Set Case Sensitive option to YES to match the admin user’s CAPTCHA case-sensitively.
9. Save the configuration.
Once the CAPTCHA is configured for the Magento 2 admin user login, you can see it enabled while login to your backend.
That’s it.
You can also refer to the video tutorial to Enable CAPTCHA for Admin Login in Magento 2 from our Magento 2 video tutorial series:
Enabling CAPTCHA provides better security to the Magento 2 backend. Sometimes in situations where password is forgotten or you need quick access. In these cases, using a root script log in without a password. By combining this with CAPTCHA, you can add another layer of security, ensuring your admin panel remains safe from unauthorized attempts.
Thank you!
