A simple captcha for the WordPress login form. To be able to login, the user is required to enter a random 3-digit number in a text field.
- No complicated features
- No settings
- No image generation
- No API
- No sessions
- No cookies
- No IP address detection
- No personal data collection
- No vulnerabilities in the programming code
Bots can also try to login with the XML-RPC feature of WordPress! Very rarely plugins also need this (like the Jetpack plugin). But if you don’t use it, I recommend that you disable it. You can use the super simple one-line plugin Disable XML-RPC.
This is a simple plugin designed to protect against random bots that try to login on your site. But if a person actually looks at the code of this plugin and specifically designs a new bot that targets this plugin, this bot would be able to bypass the protection.
Simply install and activate the plugin, like you would any normal plugin. There are no settings.
- Visit your Plugins Add New Screen
- Find the plugin by searching for: Simple Login Captcha
- Install the plugin, by clicking the “Install Now” button
- Activate the plugin, by clicking the “Activate” button
Contributors and Developers
“Simple Login Captcha” is open source software. The following people have contributed to this plugin.Contributors
1.3.3 – 11 April 2021
- Added: Compatibility with front-end login forms that use the wp_login_form function (but the form must not be cached by a caching plugin).
1.3.2 – 16 December 2020
- Added: Translated language files for Polish (thanks to Karol).
1.3.1 – 16 December 2019
- Fixed: The language files were not loaded if they were only present in the plugin languages folder (and not in wp-content/languages/plugins).
1.3.0 – 13 December 2019
- Added: Compatibility with the WooCommerce login page.
- Added: Translated language files for German (thanks to Tilo).
- Improved: The gray container of the security code now has a slight border.
1.2.0 – 10 September 2019
- Improved: In a multisite, when activated on separate sub-sites only, now uses one global database table.
- Fixed: In a multisite, when network activated, it would not work in login pages of separate sub-sites. It would work only on the main site login page, and on the login pages for other site, it would not let anyone in.
- Fixed: Changed the label tag surrounding the “Security Code” text, to a span tag. Since there is no field to fill there, it was not correct to use it.
1.1.0 – 4 May 2019
- Updated: Language files.
1.0.0 – 11 April 2019
- Initial release.