Adds a Google reCAPTCHA human user verification control to the CAPTCHA element in your forms, including “invisible” reCAPTCHA and the new v3 reCAPTCHA.
This is one of the most advanced human verification systems available. It is highly responsive, it detects when an automatic verification can be accomplished to minimize the user’s interaction needed to pass the verification.
with reCAPTCHA v3, no user interaction with the validator is required, it works entirely in the background.
reCAPTCHA v2 uses revalidation patterns (when needed) that are drawn from several different sources, and the user’s responses are also used to help categorize the billions of images in the Google image index.
reCAPTCHA is a human-verification system, designed to thwart scripted form submissions, also known as “bots.” For that reason, it does not work as a general spam filter because a lot of spam is generated by humans who are paid a very small amount to submit spam (typically advertising, but sometimes malware or phishing links) to web forms.
This add-on requires you to obtain API keys from Google. It’s not hard, but if the process is unfamiliar it may seem like a lot of trouble to go to. You will need a Google account for this, but you don’t have to create a new one if you already have a Gmail account, just log in to your Gmail (or Google Accounts) before you begin and it will go smoothly. Otherwise, create your Google account, then once you’re logged into it, get your API keys as explained below.
Google has created a very helpful setup page for using the reCAPTCHA API, just click on the “sign up for an API key pair” link on this page:
Be sure to click on the sign up for an API key pair link first thing, that’s really all you need to do. The rest of the technical stuff you don’t need to worry about. You will have a choice between reCAPCHA v2 or reCAPCHA v3. V2 gives you a choice to show a checkbox or an “invisible” widget, and will show an image or audio challenge if it can’t determine if the user is human. V3 works entirely in the background for an uninterrupted user experience.
Make your selection and get your key pair, then enter them into the plugin settings. Don’t choose “Android” it’s not supported by the plugin.
Setting Up the reCAPTCHA Field
Once the keys have been entered, go to the “manage database fields” page and create a new field for the captcha (if you don’t already have one). Set the form element setting to “captcha” and enable the field for the signup form by checking the “signup” checkbox.
Enable the Google reCAPTCHA control in the field by typing the word “recaptcha” in the form element “Attributes” field.
The field’s “Validation Message” setting is what will be shown to the user if the reCAPCHA does not pass.
Switching Between reCAPTCHA v2 and v3
If you want to try both reCAPTCHA versions, you can easily switch between v2 and v3, but you will need a different key pair for each. Keep the key pair in a safe place and remember to label which is which.
Site Key, Secret Key
These keys, which are supplied by Google, must be provided for the plugin to work. See the instructions for how to obtain these codes for your site.
CAPTCHA Passed Message
This is what to show if the challenge has been met to let the user know they passed it. It can be a simple string or some HTML if you like.
Selects the widget type to use, you have 4 choices: V2 Checkbox (normal or compact), V2 Invisible, or V3 background validation.
Your key pair must match the type you choose here! When you get your keys generated, you must select the correct type for the widget type you want to use.
Selects the appearance of the widget for a v2 widget.
reCAPTCHA Badge Location
When using Invisible or v3 reCAPTCHA, a badge is placed on the screen. This setting sets where that is shown. Use the “Inline” setting if you want to style it yourself with CSS.
If the user requires additional validation, this selects which type of revalidation widget will be used. It’s usually best to stick with “image” because most people are familiar with it. (V2 only)
reCAPTCHA v3 Minimum Score
This control selects the threshhold for validating a user. The way it works is this: each user gets a score from 0 – 10, with 0 identified with certainty as a bot and 10 identified as certainly a human user. This control sets the minimum score a user must have to be allowed to submit the form. The default is 5. If you are getting bot submissions with 5, you can set this to a higher numer to filter them out. If 5 is rejecting human users, you may want to set it to a lower value.
The important thing to understand about using reCAPTCHA v3 is you will need to monitor the situation to make sure the setting is good for your site: this is very important because different sites have different kinds of users, so some fine-tuning may be needed here to get the best setting. The advantage of v3 is that the user never has to interact with it, but the backside of that is you may need to make sure this setting is correct.
Log Rejected Submissions
When checked, submissions that are complete, but rejected by reCAPTCHA v3 will be printed to the log for analysis. You must have debugging enabled in the Participants Database settings.
This feature is meant to be used temporarily, while making sure that the “Minimum Score” setting is working for your site. The log will fill quickly, so you should clear it on a regular basis.
Be sure to disable debugging in Participants Database whe you’re no longer using the log.
Product-specific technical support can be found here:
Privacy & Cookies Policy
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.