How to Enable Admin Login Captcha in Magento 2

Adding a captcha requirement to the Admin login and Forgot password page helps increase your store security to the next level. The captcha number will be able to reload unlimitedly when users click on the Reload icon.

In the previous topic, we introduced how to enable customer login or register Captcha in Magento 2. Now we will continue to show you how to enable admin login Captcha in Magento 2.

FREE Mageplaza’s modules help protect your online store

Magento 2 security extension

Magento 2 Two-Factor Authentication

Magento 2 Google reCAPTCHA

How to Enable Admin CAPTCHA

4 Steps to Enable an Admin CAPTCHA in Magento 2

1. On the Admin panel, click Stores. In the Settings section, select Configuration.
2. Select Admin under Advanced in the panel on the left
3. Open the CAPTCHA section, and continue with following:

• In the Enable CAPTCHA on Frontend field, select “Yes” to enable CAPTCHA on Frontend
• In the Font field, select the name of the Font to be used for the CAPTCHA symbols. The default is LinLibertine.
• In the Forms field, select one of the following forms where CAPTCHA is to be used
  • Admin Login
  • Admin Forgot Password
• In the Displaying Mode, choose one of the following
  • Always
  • After number of attempts to login
• In the Number of Unsuccessful Attempts to Login field, enter the number of unsuccessful attempts to login before captcha appears. If you enter Zero, the Captcha will be always available
• In the CAPTCHA Timeout (minutes) field, enter the number of minutes before the CAPTCHA expires. When the CAPTCHA expires, the user must reload the page to generate a new CAPTCHA.
• In the Number of Symbols field, enter the range number of symbols that CAPTCHA will be changed in, for example: 3-7. The maximum number of symbols is eight.
• In the Symbols Used in CAPTCHA field, specify the symbols that can be used in the CAPTCHA. Set only letters (a-z and A-Z), or number (0-9) to enter into the box. No spaces or other characters are allowed and the similar symbors is not used in the default.
• In the Case Sensitive field, select Yes if you require that the user enters the uppercase and lowercase characters exactly as shown
  1. When complete, click Save Config

Enable Admin Login CAPTCHA by Mageplaza Google reCAPTCHA

Google reCAPTCHA by Mageplaza is a solution for both customer management and admin approval:

• Enable both visible and invisible Google reCAPTCHA
• Add reCAPTCHA to various forms as you wish
• Support Admin Login and Admin Forgot Password

Google Recaptcha for Magento 2

Protect your store from spammers and bots with Magento 2 Google reCAPTCHA

Check it out!

How to Disable Admin CAPTCHA

To disable admin captcha, run the following command:

wget https://files.magerun.net/n98-magerun2.phar && chmod +x ./n98-magerun2.phar
alias n98="./n98-magerun2.phar"
n98 config:store:set msp_securitysuite_recaptcha/frontend/enabled 0
n98 config:store:set msp_securitysuite_recaptcha/backend/enabled 0
n98 config:store:set admin/captcha/enable 0
n98 config:store:set customer/captcha/enable 0
n98 config:store:set recaptcha/general/enabled 0
n98 s:upgrade
n98 c:flush

The bottom line

You can either enable the Admin Login CAPTCHA in Magento 2 thanks to the default Magento 2 or by using Mageplaza Google reCAPTCHA extension. Protecting your site from automatic bots and online fraud is essential to create a safe environment and improve users’ experience. Other related posts can be found below, and if you still have questions about security issues, feel free to mention them with us.

Related Topics

• Reset admin password
• Set Password Options for Customers
• Create New Admin User
• Enable Admin Login Captcha
• Secure Your Admin
• Security Checklist
• How to reset a locked Admin account
• How to reset a locked Admin account