Description

A simple captcha for the WordPress login form. To be able to login, the user is required to enter a random 3-digit number in a text field.

The correct number is displayed above the field by a small JavaScript code. Compatible with the WooCommerce login form. Compatible with multisite.

Demo

https://nikolaydev.com/wp-login.php

Simple

No complicated features
No settings
No image generation
No API
No sessions
No cookies
No IP address detection
No personal data collection
No vulnerabilities in the programming code

Recommendation

Bots can also try to login with the XML-RPC feature of WordPress! Very rarely plugins also need this (like the Jetpack plugin). But if you don’t use it, I recommend that you disable it. You can use the super simple one-line plugin Disable XML-RPC.

Notice

This is a simple plugin designed to protect against random bots that try to login on your site. But if a person actually looks at the code of this plugin and specifically designs a new bot that targets this plugin, this bot would be able to bypass the protection.

Screenshots

WordPress login form with the simple captcha
Viewing the number of blocked and passed requests this month

Installation

Simply install and activate the plugin, like you would any normal plugin. There are no settings.

Visit your Plugins Add New Screen
Find the plugin by searching for: Simple Login Captcha
Install the plugin, by clicking the “Install Now” button
Activate the plugin, by clicking the “Activate” button

FAQ

How to deactivate the plugin if it does not allow me to login due to an error?: If there is an error or a bug, and you are locked out of the site by this plugin, you can simply delete or rename the plugin folder /wp-content/plugins/simple-login-captcha/ using FTP or the file manager of your hosting.

Reviews

hovrashko May 26, 2023

It does look like nice and simple solution, but it doesn't work and wont login sometimes, or permanently for no reason.

manikbajaj May 24, 2023 1 reply

Really! Lol!! Captcha plugin which can be broken in seconds.

Micha February 11, 2023 1 reply

Install and a simple captcha will be displayed in your login. The mass of login attempts by spam robots could easily be reduced with the plugin.The plugin is not compatible with other plugins such as a login for the user login.I was able to massively reduce spam attempts by using it. Thank you for the great work!

DawnK December 18, 2022 1 reply

Worked fine at first, but then it ended up locking us out of the site. Entering correct password and the 3 digit code, would say invalid login attempt. Do the Forgot password, change password, and try to login agtain, and it would say invalid login. Had to disable the plugin in order to get access to the site again. Just my experience.

tinaponting November 5, 2022 1 reply

A simple plugin who works as it should do, protects against Auto bots. USE it:)

Svensonsan June 24, 2022 1 reply

Does add a nice looking simple login code on the login screen. That's it. Works as it should. No upselling, no pro-version, just fullfilling this one usecase. Love it.

Read all 17 reviews

Contributors & Developers

“Simple Login Captcha” is open source software. The following people have contributed to this plugin.

Nikolay Nikolov

“Simple Login Captcha” has been translated into 7 locales. Thank you to the translators for their contributions.

Translate “Simple Login Captcha” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.3.5 – 20 February 2023

Added: Translated language files for Brazilian Portuguese (thanks to Rodrigo).

1.3.4 – 2 December 2022

Improved: Deletes part of the old data about monthly number of passed or blocked logins so it does not increase the number of options in the database over the years (even though it was an insignificant amount anyway).
Improved: The data about the monthly number of passed or blocked logins is now saved in a way that will avoid automatically loading it in the cached list of options in the server memory, since it is not needed there.

1.3.3 – 11 April 2021

Added: Compatibility with front-end login forms that use the wp_login_form function (but the form must not be cached by a caching plugin).

1.3.2 – 16 December 2020

Added: Translated language files for Polish (thanks to Karol).

1.3.1 – 16 December 2019

Fixed: The language files were not loaded if they were only present in the plugin languages folder (and not in wp-content/languages/plugins).

1.3.0 – 13 December 2019

Added: Compatibility with the WooCommerce login page.
Added: Translated language files for German (thanks to Tilo).
Improved: The gray container of the security code now has a slight border.

1.2.0 – 10 September 2019

Improved: In a multisite, when activated on separate sub-sites only, now uses one global database table.
Fixed: In a multisite, when network activated, it would not work in login pages of separate sub-sites. It would work only on the main site login page, and on the login pages for other site, it would not let anyone in.
Fixed: Changed the label tag surrounding the “Security Code” text, to a span tag. Since there is no field to fill there, it was not correct to use it.

1.1.0 – 4 May 2019

Improved: The correct number is now displayed as a result of a small JavaScript calculation (so not in plain text).
Updated: Language files.

1.0.0 – 11 April 2019

Initial release.

Blocks the ability to login randomly

Misses the point! Stupid Plugin

Simple plugin that just works

Locked us out

Great plugin

Perfect. Simple. Looks good. Effective.