reCAPTCHA v2: How To Update The Defenses Of Your Moodle Site Against Unwanted Robots


Moodle-based e-learning company Pukunui is offering warning and advice for Moodle site administrators or job roles involving data security.

As reported on Pukuni’s blog, this month Google will discontinue reCAPTCHA v1, the original tool designed to verify the identity of users login into pages. The new version, reCAPTCHA v2, brings an improved, machine learning-based tool to prevent automatic sign-up. Plus it is more user friendly.

Moodle has already enabled reCAPTCHA v2 for authentication, but the update from v1 is not automatic. Site administrators must disable reCAPTCHA, then re-enable it so it updates to v2. The new widget keeps the previous credentials, which means developers do not have to apply for new authentication tokens.

Sites that continue using reCAPTCHA v1 after March might face unidentified vulnerabilities without the support of Google or Moodle HQ. They might also face downtime, which risks keeping your users from logging in.

To activate reCAPTCHA on your Moodle site, you need to enable “Emails based-self registration”. Read more about it in the Moodle Docs.

Leave a Reply

Your email address will not be published. Required fields are marked *