Skip to main content

reCAPTCHA Configuration

Overview

The reCAPTCHA Configuration page allows you to protect your platform’s authentication flows from spam and automated bot attacks. It integrates Google reCAPTCHA into your login, signup, and password reset pages. This helps ensure that only real users can interact with your platform.
Screencapture Stage Skyfree In Platform Settings 2026 04 23 20 40 39 Edit

What You Can Do

Using this page, you can:
  • enable or disable reCAPTCHA protection
  • choose the reCAPTCHA version (v2 or v3)
  • configure public and private keys
  • apply protection to specific pages
  • enable strict validation for stronger security

reCAPTCHA Versions

The platform supports two versions of Google reCAPTCHA:
  • v2 (Checkbox) → users manually verify (“I’m not a robot”)
  • v3 (Invisible) → background scoring without user interaction
You can choose the version based on your preferred user experience and security level.

How to Create Google reCAPTCHA Keys

Follow these steps to generate your reCAPTCHA credentials:
Image

Step 1: Open Google reCAPTCHA Console

Go to: https://www.google.com/recaptcha/admin

Step 2: Register a New Site

  • enter a label (your project or domain name)
  • select reCAPTCHA type:
    • v2 (Checkbox) OR
    • v3 (Score-based)
  • add your domain (e.g., yourdomain.com)
  • accept terms and submit

Step 3: Copy Keys

After registration, Google will provide:
  • Site Key (Public Key)
  • Secret Key (Private Key)
These keys are required to connect reCAPTCHA with your platform.

How to Configure in Platform

Once you have the keys:
  1. Go to reCAPTCHA Settings in your platform
  2. Enable reCAPTCHA
  3. Select the version (v2 or v3)
  4. Paste:
    • Site Key → in Site Key (Public)
    • Secret Key → in Secret Key (Private)
  5. Enable Strict Mode if needed
  6. Choose where to apply:
    • Login page
    • Signup page
    • Reset password page
  7. Click Save Settings

Strict Mode

Strict Mode increases security by requiring a higher confidence score when using reCAPTCHA v3. This helps block more bots but may occasionally challenge real users. Use this if your platform experiences high spam activity.

Where It Applies

You can selectively apply reCAPTCHA protection to:
  • Login Page
  • Signup Page
  • Reset Password Page
This gives flexibility in balancing security and user experience.

What Happens If Not Configured

If reCAPTCHA is not configured:
  • your platform may be vulnerable to bot signups
  • spam registrations may increase
  • abuse of login or reset flows may occur

Why This Page Matters

reCAPTCHA is a critical security layer that protects your platform from automated abuse. It ensures that only genuine users interact with authentication flows.

Summary

The reCAPTCHA Configuration page allows you to integrate Google reCAPTCHA into your platform, enabling protection against bots and ensuring secure user authentication processes.
Last modified on April 24, 2026