Magento 2 Tutorials 
Improve Magento 2 Security by Enabling Captcha & Changing Magento 2 Encryption Key
- Fayyaz Khattak
- May 30, 2016
Disclaimer: Magenticians does not necessarily agree with the views expressed in this guest post. They are presented to bring to light all diverse views in the Magento and general ecommerce community.
Captcha and Encryption Key are two ways by which you can easily improve the security of your Magento 2 store. Captcha is known as a visual security check which ensures that a human being is interacting with the website rather than a computer bot. It has some code that a user has to enter whenever it is required.
The Magento 2 Encryption key is used to protect passwords and other valuable data. During the Magento 2 installation process, Magento 2 generates a random encryption key. In this blog post, we will discuss how to enable Captcha and change the Encryption Key in Magento 2.
Magento 2 Captcha
In Magento 2, you can add the Captcha to the sign in and forget password page for both admin and customer account. To enable Magento 2 Captcha, follow the steps below:
Enable Admin Captcha
Step 1: Login to your Magento 2 Admin Panel.
Step 2: Tap STORES from left sidebar.
Step 3: Click Configuration under the Settings menu.
Step 4: From the left panel, expand ADVANCED and click Admin.
Step 5: Click CAPTCHA in the right panel and expand it.
Step 6: Set Enable CAPTCHA in Admin to Yes. You will see some more options to configure:
- Font: The default font for Magento 2 Captcha is LinLibertine.
- Forms: Select the pages that will use Captcha. Press CTRL key to select multiple options.
- Displaying Mode: Choose one of the following options:
- Always: Always require to enter the Captcha.
- After number of attempts to login: Show Captcha after a certain number of failed login attempts.
- CAPTCHA Timeout (minutes): Captcha expiration period.
- Number of Symbols: A variable number of symbols that changes with each CAPTCHA.
- Symbols Used in CAPTCHA: Determine the symbols that can be used in the Captcha. You can select from A to Z for letter and from 0 to 9 for the number.
- Case Sensitive: If you want to require Admins to enter the characters exactly as shown, set it to Yes.
Step 7: Tap Save Config when you are finished.
Enable Customer Captcha
Step 1: Go to Configuration page.
Step 2: From the left panel, expand CUSTOMERS and click Customer Configuration.
Step 3: Click CAPTCHA in the right panel and expand it.
Step 4: Set Enable CAPTCHA on Storefront to Yes. You will see some more options to configure:
- Font: The default font for Magento 2 Captcha is LinLibertine.
- Forms: Select the pages that will use Captcha. Press CTRL key to select multiple options.
- Displaying Mode: Choose one of the following options:
- Always: Always require to enter the Captcha.
- After number of attempts to login: Show Captcha after the certain number of failed login attempts.
- CAPTCHA Timeout (minutes): Captcha expiration period.
- Number of Symbols: A variable number of symbols that changes with each CAPTCHA.
- Symbols Used in CAPTCHA: Determine the symbols that can be used in the Captcha. You can select from A to Z for letter and from 0 to 9 for the number.
- Case Sensitive: If you want to require Admins to enter the characters exactly as shown, set it to Yes.
Step 5: Tap Save Config when you are finished.
Magento 2 Encryption Key
Follow the steps below to change Magento 2 Encryption key:
Step 1: From the Magento 2 Admin left sidebar, tap SYSTEM.
Step 2: Click Manage Encryption Key under the Other Settings menu.
Step 3: To change the Encryption Key, do one of the following:
- Auto-generate a Key: Set Yes if you want Magento 2 to handle this for you.
- New Key: Enter the new key of your choice
Step 4: Tap Change Encryption Key once you are done.
This article was all about enabling Captcha and changing Magento 2 Encryption Key for enhancing security in Magento 2. Master them to save your Magento 2 store from attacks while improving your store security. If you have anything to ask or add to this topic, feel free to comment below.
