Configuring reCaptcha

For added security you can require reCaptcha when users complete these actions in the portal site:

Registering new accounts
Recovering forgotten usernames
Resetting passwords
Adding instruments
Making payments

Rhythm for Civics uses Google's reCaptcha service. To configure reCaptcha you must first obtain a site key and a secret key from Google. The necessary keys can be obtained at https://www.google.com/recaptcha/admin.

There are several places in the Portal configuration where you can enter your reCaptcha keys and enable the service:

Use the Portal User node to configure reCaptcha for the Register New Account, Reset Password, and Add Instrument widgets.
Use the Payment node under Setup > Cashiering Transactions to configure reCaptcha for payments.
The reCAPTCHA node under the Setup node is used to enable reCaptcha for the Forgot Username widget.

The reCaptcha configuration on the Payment node includes both the public key and the secret key, but the Portal User node only has the secret key.

You will use the widget configuration to enter the public keys for the Register New Account, Reset Password, and Add Instrument widgets. You must also enable reCaptcha for each widget by marking it as required.

See Configuring widgets.

Note: If you want to use reCaptcha for any one of these widgets, you must enable it for all of them.

For the Register New Account and Reset Password widgets, set the Require reCaptcha option to True and enter your site key in the Google reCaptcha Site Key (public key) field.

For the Add Instrument widget, select the Require reCaptcha on Anonymous Service Requests check box and enter your site key in the Site reCaptcha Key field.

For the Forgot Username widget, the Setup > reCAPTCHA node in the Portal configuration is used to enable reCaptcha. The public key is specified in the widget configuration.

Finally, to use reCaptcha, port 443 must be open for outbound traffic.