Extension: Secure Captcha

Secure Captcha Magento Extension Logo

This Magento extension protects against a flood of spam from bots and is GDPR-compliant. The module extends the standard Magento Captcha and optimises the captcha functionality and the readability of the number and letter combination (or captcha graphic).


To set up Secure Captcha, please go to System → Store → Settings → Configuration → Customers→ Customers Configuration → Secure Captcha

Backend Configuration

secure captcha Backend configuration captcha

Secure Captcha Settings

secure captcha backend settings forms

  • Set Enable CAPTCHA in Storefront to Yes. Then complete the remaining options as follows:

    • Font: set the font to be used for Captcha Symbols (default: LinLibertine), we recommend Roboto for better readability.

    • Forms: Select any of the following Forms where the Secure Captcha is to be used. To choose multiple forms, hold down the Ctrl key (PC) or Command key (Mac).

    • You can select all Magento standard forms for:

      • Applying coupon mode

      • Checkout/Placing Order

      • Create User

      • Login

      • Forgot Password

      • Contact Us

      • Change Password

      • Payflow Pro

      • Send To Friend

      • Share Wishlist

secure captcha backend generell settings

  • Set Displaying Modes to one of the following:

    • Always — Secure Captcha is always required to log in to the Admin.

    • After number of attempts to login — This option applies only to the Admin Login form.

      • If you select this option, the "Number of unsuccessful login attempts" field appears. Enter the number of login attempts you allow here. The value 0 (zero) is comparable to setting "Display mode" to "Always".

      • In order to record the number of unsuccessful login attempts, each attempt to log in using an email address and an IP address is counted. The maximum permitted number of login attempts from the same IP address is 1,000. This limit only applies if Secure Captcha is activated.

  • Number of Unsuccessful Attempts to Login: Enter the number of times the administrator can try to log in before the Secure Captcha appears. If set to zero (0), Secure Captcha is always required.

  • CAPTCHA Timeout (minutes): Enter the number of minutes before the Secure Captcha expires. When the CAPTCHA expires, the administrator must reload the page.

  • Number of Symbols: Enter the number to appear in the Secure Captcha. Up to eight (8) symbols can be used. For a variable number of symbols that changes with each Captcha, enter a range (such as 5-8).

  • Specification of the symbols to be used for the secure captcha

    • For Symbols Used in CAPTCHA, enter the letters (a-z and A-Z) and numbers (0-9) that you want to appear randomly in the CAPTCHA. Symbols that are hard to distinguish from other symbols, such as i, o, 0, 1 are not included in our default set of Secure Captcha symbols.

    • the Secure Captcha default set is: ABCDEFGHJKLMNPQRTUVW2346789

  • Case Sensitive: Set ** to Yes if you want to require administrators to enter the characters in upper or lowercase exactly as shown in the CAPTCHA.

  • When you are finished with the configuration: save config

Cache Management

After completing all configurations go To System > Tools > Cache Management

secure captcha cache management flush magento cache

  • To ensure that the changes are applied, please Flush Magento Cache. You can clear the entire Magento Cache or select the INVALIDATED caches.


Here you will find examples of the use of Secure Captcha in the frontend forms.

Forget Password:

secure captcha frontend sample forgot passwort

Login Customer account with wrong Password 3 Times:

secure captcha frontend sample Login customer

Contact Forms:

secure captcha frontend sample contact us