Protect WordPress Registration & Login Forms with reCAPTCHA

Do you want to stop spam bots from filling out your form? You can add Google reCAPTCHA to your WordPress forms to protect against spam and other types of automated abuse.

A CAPTCHA is a test to tell humans and bots apart. It is easy for humans to solve and pretty difficult for bots and other malicious software to figure out. Adding reCAPTCHA to your site can block automated software while letting legit users access your WordPress membership site.

See the guide below to protect login, registration, password reset, and edit profile forms against spam and abuse using the Google reCAPTCHA.

V3 verifies if an interaction is legitimate without user interaction and will never display a captcha like version 2. Rather users will only see a badge at the lower right corner of the screen.

Activating the Addon

To activate the Google reCAPTCHA addon, go to ProfilePress>>Addons>> Scroll to Google reCAPTCHA and switch it ON.

Setting up Google reCAPTCHA

Firstly, you must grab a reCAPTCHA site and secret key for your website domain. Get them here.

NB: Make sure you add your domain under the domains section

reCAPTCHA Settings

Head over to ProfilePress>>Settings>>reCAPTCHA and follow these steps.

• Select reCAPTCHA type.
• Paste your Site and Secret keys.
• Set the score threshold. The score at which users will fail reCAPTCHA v3 verification. Scores can range from 0.0 (very likely a bot) to 1.0 (very probably a human). Default is 0.5
• Set the error message—the message or text to display when CAPTCHA is ignored, or the challenge is failed.

Adding reCAPTCHA to your WordPress forms

To add reCAPTCHA to your login, registration and password reset forms, click on the form title to open up the form builder.

If using the Drag-and-drop builder, add the reCAPTCHA block to the form.

If using the shortcode builder, add the reCAPTCHA shortcode to the form.

La fin!