Want to add CAPTCHA protection that is not Google’s reCAPTCHA to the login page of your WordPress website? There is a WordPress plugin for that!

And that’s how I ended up using CAPTCHA to protect the login page of this website. It was not planned, though. You see, it just so happened that I was trying to replace Google reCAPTCHA on a newsletter subscription plugin I wanted to use for this website. So I installed the CAPTCHA plugin, but I couldn’t get it to work as well as the default reCAPTCHA on the newsletter subscription form.

The plugin is supposed to be a drop-in replacement for reCAPTCHA, but it involved more coding than I know how to do. So I let it go, hoping that I’ll figure it out eventually.

Then a few hours ago I was logged out of this website’s admin dashboard and had to log back in. That’s when I found out that the login page is now protected by a reverse Turing test from hCaptcha. I had completely forgotten that when I installed hCaptcha for Forms and More (that’s the name of the plugin), that I had enabled hCaptcha protection on the login form.

hCaptcha

Figure 2: hCaptcha protection on LinuxBSDos.com

 

So I have another layer of security on this website, even though I’ve never had any security breach via the login form in the almost 13 years this site has been online. But security in-depth is a sound principle, I’ll let it stand.