Having a Captcha on your store is quite important. Captcha or Completely Automated Public Turing test to Tell Computers and Humans Apart is a technique to distinguish between humans and computers. Captcha is mainly used as a security check to ensure only human users can pass through.
This is crucial for an online store, in order to ensure it doesn't get flooded by bots, and that your customers are kept safe. As a concrete example, one of our client's stores has been flooded with hundreds of fake accounts created by such a bot, which could have been avoided, had they had a reCaptcha in place.
Starting with Magento 2.3.x, Google reCaptcha is included by default in the Magento Core, meaning that it only needs to be configured in order to be ready for use. To enable and configure it, follow the steps below:
1. Log into your Magento 2 Admin Panel and head into Stores -> Configuration -> Security -> Google reCaptcha.
2. In the General section, enter your Google API website key and Google API secret key. These can be found or generated by signing up for a free account on Google reCaptcha here.
3. You can choose to enable the Google reCaptcha for the Magento Backend, as well as for the Frontend. If you want to enable it for the Backend, choose a Theme and Size, and continue with the configuration.
4. It's most important to have the reCaptcha enabled for the Frontend section of your store, as this is the section that's most likely to be accessible by bots. There are multiple sections of the Frontend where the reCaptcha can be used, and they all come enabled by default. Just make sure you set the Enable Option at the top to Yes. You can also choose between the regular, always-displayed reCaptcha, or the Invisible reCaptcha, which will only prompt the user to verify they are not a bot if the Google Algorithms detect they are suspicious.
5. Save the Config and you should be done! The Google reCaptcha should now be enabled and configured on your store, and helping keep bots at bay.