WordPress Lost Password CAPTCHA

The BotDetect PHP Captcha WordPress plugin allows easy integration with the WordPress Lost Password form. Requiring Captcha validation before allowing account passwords to be reset is an effective way to prevent bots from trying to obtain access to existing user accounts for spamming purposes.

If you haven't done so already, install and activate the BotDetect PHP Captcha WordPress plugin first.

To use BotDetect Captcha protection on your WordPress Lost Password page, simply check the Lost Password option on the plugin settings page as shown below (click to enlarge):

BotDetect PHP CAPTCHA WordPress Plugin: Lost Password Captcha setting

Done! Now, open your Lost Password from and page you'll find it Captcha protected now.

WordPress Lost Password Captcha

Only human visitors who successfully solve the Captcha challenge and retype the correct Captcha code will be allowed to request a new password, while bots will be prevented from getting valid access info or even confirmation whether a user account with the given email address exists or not.

Until Captcha validation is passed, no user account data tied to the provided username will be checked or accessed at all, providing maximum protection from automated attack attempts.

To remove BotDetect Captcha protection from the Lost Password form, simply uncheck the Lost Password option shown above.

To change Captcha appearance and other options, check the BotDetect PHP Captcha WordPress plugin settings.