How to Add Google Recaptcha to a WordPress Login

From WikiHTP

Those of you who already know WordPress also know what it is capable of, from the creation of blogs to shopping carts. At times it seems that this tool has no limits, this open source CMS often provides us with the freedom and also opens doors for attackers. The purpose of this tutorial is to protect our WordPress users when they logging in.

Sure more than once some specialist in computer security has told you about the importance of having a difficult password, to better protect the access of your user. Even some platforms like those of banks force us to have a password with high security. And although it may be annoying for the user to think of a password with combinations of lowercase, uppercase, letters and symbols; It is the surest way to protect your data.

If you have a web application made with WordPress, most likely somewhere in the world, there is a machine, a robot, trying to break the security of your user through brute force. No, it's not a joke. Basically, this attacker enters your user and has a dictionary of passwords, which will be tested until you try to guess it, although if your password has high security, it probably will not.

It goes without saying that it is a terrible mistake to have passwords like 'admin', '1234', 'querty.' Here is a list of passwords that you should never use:

https://en.wikipedia.org/wiki/List_of_the_most_common_passwords

Google reCaptcha[edit]

Probably you have ever seen this box for tildas and a text: 'I am not a robot'. This protects the user just from what I named earlier, the attacks of these machines.

Well, to add that functionality to your site, Go to Plugins -> Add new. Search with following keyword: Simple Google reCAPTCHA.

Simple google recaptcha.jpg

Install and then activate it.

It will ask us to enter the Site key and the Secret Key.

Simple google recaptcha2.jpg

This is provided by Google, and to obtain it you must go to the following page:

https://www.google.com/recaptcha/admin#list

Enter a label that will be able to group your sites with the same codes. Then the type of Captcha, in our case: reCaptcha V2. And finally, the URL of your site, if you have more than one then you should separate them with space.

Accept the terms and Google will give you the keys, which you must enter in the form that we saw previously, which is requested by Simple Google reCAPTCHA plugin. Then click on the 'Save changes' button.

Simple google recaptcha3.jpg

Ok, now your login is sure of the attacks of these robots. Cheers!

About This Tutorial

This page was last edited on 31 January 2019, at 19:27.