Here’s what helps.
First, what is a reCAPTCHA?
Google reCAPTCHA is a free Google tool that protects website forms from malicious users and spam. It helps determine whether the person completing your form is a human or a robot.
Why does it deny some website submissions?
Generally, it takes time for the reCAPTCHA API to load and verify your site’s account. APIs allow two software components to talk with each other using a set of definitions and protocols. reCAPTCHA API keeps track and categorizes users as either high-risk or low-risk and later stores that information for analysis.
Whether your form works may depend on whether reCAPTCHA is wholly loaded; an entire library needs to load to check the users of your website forms. Here at VIA, load times are improved by delaying the release of the reCAPTCHA scripts until they are needed. In other words, when the user clicks on a form field, the reCAPTCHA verification is only then called.
Why are load times beneficial?
- For search engine optimization. Many search engines prioritize sites with fast load times as part of good UX (user experience).
- To close the sale. Say you run an e-commerce site, and a customer in a hurry comes to the site to buy something. They go to your site only to be greeted with a white screen for five seconds. Of course, they give up and decide to purchase somewhere else. In 6 seconds, the page would have loaded, and you would have made that sale.
It’s easy to see why loading reCAPTCHA scripts on an as-needed basis is so important. Making sure your forms work well is crucial to security, user experience, and brand reputation.
What should you do when the form denies your customer?
One of your site users fills out your contact form wanting to contact you. They then press submit on their form. Darn… An error message shows through to give you a clue.
There are three reasons your customer could face a denial.
- Wrong codes. The programmer may have entered the wrong codes when setting up your reCAPTCHA. Google uses a site key code and a secret key code. These codes make sure Google is connecting correctly and securely. If the site key is wrong, the reCAPTCHA symbol in the bottom right will show the error message: “Invalid site key.” If the “Secret key code” is incorrect, you will not get an error message. Let the Web Developer of your marketing company know, and they’ll get it fixed for you.
- The user is suspicious. When reRECAPTCHA thinks someone is too suspicious, you will get an error message saying the reCAPTCHA standards are not met. Have your customer sign into their Google account and try again. Spam bots don’t have Google accounts, so signing in increases the likelihood their message will be accepted. Or ask them to use an Incognito window on their browser.
- Duplicate message error. This means they probably struggled with the submission and tried to submit the exact text more than once. The system sees this as an action a Bot would use and denies the user in its mission to prevent spam. Ask your customer to change their message a little and try to submit it again.
Please let us know if you have questions or need help securing your reCAPTCHA in our contact form.