reCAPTCHA helps you to protect your user login page against spam, malicious registrations, and other forms of attack where bots or malicious software pretend as humans to access your computer. reCAPTCHA can help you secure Access Manager against attacks such as denial-of-service (DoS) and brute-force, which can impact the system performance to a large extent.
reCAPTCHA provides an additional layer of security by requesting users to confirm that they are not a robot. It displays images that users must select based on a matching criteria. If a response succeeds, Access Manager authenticates the user’s authentication credentials. If a response fails, Access Manager does not authenticate the user credentials, and redirects to the login page. Software bots typically cannot scan the images to provide a response.
Access Manager supports only the latest invisible reCAPTCHA. For more information, see Google developer guide for reCAPTCHA.
reCAPTCHA works on both Name/Password – Form and Secure Name/Password – Form authentication.
The following sections provide information about configuring reCAPTCHA: