Get Free Audit

Admin Security Settings and CAPTCHA in Magento 2.0

Oct 9, 2015

847 Andrey Dubina

Admin Security Settings and CAPTCHA in Magento 2.0

Let’s protect your Magento 2.0 website using Admin Security settings.

Stores -> Configuration -> Advanced -> Admin -> Security


Add Secret Key to URLs:

This option is necessary to prevent against CSRF (Cross-site request forgery) attacks. You will not speed up your website by disabling this option and it will expose your website to a potential attack. So we select “Yes” here.

Login is Case Sensitive

If you want to enable passwords like this: PasSwOrD where cases will be important, select “Yes” to enable Case Sensitive Login.

Admin Session Lifetime

During the selected amount of time, admins’ account will be active after the last interaction of the admin with your site.


Just for you to know, it means “Completely Automated Public Turing test to tell Computers and Humans Apart.”

Igor Dragun
Partner With Us Let's discuss how to grow your business. Get a Free Quote.
Talk to Igor


By default if you enable Admin Login CAPTCHA and don’t change its settings, it will appear after 3 unsuccessful attempts to login.


You can enable CAPTCHA to be displayed either always or after a certain number of unsuccessful attempts.

CAPTCHA Timeout determines how long current CAPTCHA will last. After this time expires, the user will need to reload page and enter a new combination. You can also define the number of symbols used in CAPTCHA as well as the set of symbols used for it. You can also make it mandatory to enter symbols according to their Case (Change Case Sensitive to “Yes”).

Now after you’ve enabled CAPTCHA you’ve reduced the risk of your e-store being hacked. And may malevolent people never enter your website.

magento support

Magento Support

Take your online store to the next level with BelVG Magento support

Visit the page

Looking for expert Magento audit services? Turn to BelVG certified Magento team!

Igor Dragun
Partner With Us Looking for a partner to grow your business? We are the right company to bring your webstore to success. Talk to Igor

Post a new comment

BelVG Newsletter
Subscribe to our mailing list and get interesting stuff and updates to your email inbox.
Email *