reCAPTCHA Key

Description

General

• Documentation: https://developers.google.com/recaptcha/intro
• Summary: reCAPTCHA key is used to verify that the request sent to a website is not done by a bot.
• IPs allowlist: It is possible to restrict verification to a domain/package name.
• Scopes: This feature is not relevant for this type of key.

Revoke the secret

This can be done from the Google developers console.

Check for suspicious activity

Alerts can be automatically triggered by Google if they find suspicious activity. This setting is available from the console.

Details for Google recaptcha

• Family: Api

• Category: Other

• Company: reCAPTCHA

• High recall: True

• Validity check available: True

• On-premise instances exist: False

• Only valid secrets raise an alert: True

• Minimum number of matches: 1

• Occurrences found for one million commits: 34.98

• Prefixed: True

• PreValidators:

- type: FilenameBanlistPreValidator  banlist_extensions:  - ^(cs|x|p|s|r)?html5?~?$  banlist_filenames: []  check_binaries: false  include_default_banlist_extensions: false  ban_markup: false- type: ContentWhitelistPreValidator  patterns:  - 6l[c-f]

Examples

- text: >    reCAPATCHA    recaptcha apikey = 6Lcw--w-AAAAAw-w-w----w-w-www-www--ww-w-  apikey: 6Lcw--w-AAAAAw-w-w----w-w-www-www--ww-w-