Adding reCAPTCHA to your WordPress Site

No one likes getting spam, and a good spam filter is just as much a necessity for your website as it is for your email inbox. A CAPTCHA can help by working along with spam filters like the default WordPress plugin Akismet to keep out form submissions by robots. Whether your website already has a CAPTCHA, and you are concerned about how this is affecting accessibility and conversion rates, or whether you are considering adding CAPTCHA to your WordPress site, this post will help you understand how CAPTCHA can benefit your website.

What is CAPTCHA?

CAPTCHA is an acronym that stands for “completely automated public Turing test to tell computers and humans apart.” In simpler terms, CAPTCHA is a test designed to distinguish between human and robot website users.

The original CAPTCHA was created in the 1990s and took the form of blurred, obscured, or distorted characters that bots could not read but human users could identify. Since then, other, more advanced forms of CAPTCHA have emerged, including Google reCAPTCHA.

Google recognized that people often feel frustrated wasting their time squinting at difficult-to-decipher letters in order to submit a form. And some users, particularly those with disabilities like hearing impairment or dyslexia were blocked almost as much as bots. Instead of subjecting everyone to this frustrating task, newer versions of reCAPTCHA analyze the behavior of each user to see how human-like he is. If reCAPTCHA deems the behavior human-like, the user will not receive the complete CAPTCHA test, and instead may only have to click a box to confirm “I am not a robot” or do nothing at all.

What Are the Benefits of a CAPTCHA?

CAPTCHAs help prevent hackers from abusing online services by blocking robots from submitting fake information.

CAPTCHA tests can:

  • Stop brute force attacks on your account, where hackers try to log into your site using thousands of different passwords.
  • Prevent bots from submitting forms and survey responses. These bot submissions can skew your data and create fake signups.
  • Deter cybercriminals from spamming your content with questionable comments and links to other websites.
  • Make online payment more secure.
  • Prevent bots from buying large quantities of tickets or registrations.

Google reCAPTCHA comes with the additional benefit of being easy for people to use. Google’s slogan “easy on humans, hard on bots” emphasizes their goal of preventing user frustration, thereby increasing conversions and improving the user experience.

Which Version of reCAPTCHA Should you Use?

reCAPTCHA Version 1

reCAPTCHA Version 1 has been shut down since March 2018. This reCAPTCHA took several forms, including identifying distorted words and characters.

The “I’m not a robot” Checkbox (reCAPTCHA Version 2)

The “I’m not a robot” checkbox requires users to click a checkbox. Based on whether the user seems suspicious, reCAPTCHA will either pass the user through immediately or ask them to prove they are human by identifying a series of images.

Invisible reCAPTCHA (reCAPTCHA Version 2 and 3)

Invisible reCAPTCHA analyzes user activity (e.g mouse movements and typing patterns) to determine whether the user is a human or a robot. Only suspicious behavior prompts the user to solve a CAPTCHA test. After the user submits the form, the reCAPTCHA image appears briefly and then disappears. Users no longer have to click a checkbox or sort through a series of images to prove they are human.

Invisible reCAPTCHA minimizes the disturbance to users and helps prevent people from abandoning the signup process.

How to add reCAPTCHA to your WordPress website

Adding reCAPTCHA to your WordPress site is not difficult and can be done by following these steps:

  1. Log in to with your Google account. If you do not have one, where have you been? But, you can register one for free.
  2. Give your reCAPTCHA a name so you can distinguish between different reCAPTCHAs you set up.
  3. Select which version of reCAPTCHA you want to use.
  4. Enter your website domain, and accept the terms and conditions.
  5. Click “register.”
  6. Copy the site key and secret key.
  7. Decide where you want to enable reCAPTCHA (your website’s contact form, registration form, site login form, comment form etc.) There are several plugins that enable you to add reCAPTCHA to the desired form. Keep in mind that some form builders, like Contact Form 7 or Gravity Forms have their own setup for adding CAPTCHA.
    Alternatively, if you feel comfortable editing your site files, you can add the reCAPTCHA script to your website between the <head> tags:
  8. <script src=””></script>
    This code needs to be added to any page where you want to display the CAPTCHA. On these pages, you must insert in the following code:
    <div class=”g-recaptcha” data-site-key=”Your site key here”></div> Install and activate the plugin, if you are using one.
  9. In your WordPress dashboard, paste the Site Key and Secret Key where the plugin prompts you to. Each plugin will have slightly different instructions. 
  10. Make sure to save your changes.


Adding reCAPTCHA to your WordPress website is not difficult and can help prevent spam in ways that other filters cannot. Today, Google has optimized reCAPTCHA to make it easier and less disruptive for your users to prove that they are a legitimate human user.

If you need assistance adding reCAPTCHA to your WordPress site or want general site maintenance, contact us to learn how we can help.

Leave a comment

Stay in Touch!

Please note: As of January 2020, all IRG Websites services are handled via illuminea: a LeverageIT company. All new and existing customer requests will be handled through illuminea.


Copyright © 2020