Google reCAPTCHA migration

Google reCAPTCHA Migration to Google Cloud

Google reCAPTCHA migration: What WordPress & Elementor Pro Users Need to Know

Google has announced that all reCAPTCHA keys must be migrated to a Google Cloud project by the end of 2025. This transition aims to unify reCAPTCHA users under a single set of terms, provide a consistent pricing structure, and grant access to advanced security features. If your WordPress website uses reCAPTCHA—especially if you use Elementor Pro—it’s essential to understand these changes and how to prepare for them.    There is time, but it is always best to get ahead of major changes.   This article will provide the basic information you need to know abou Google reCAPTCHA migration.

What’s Changing?

  • Migration to Google Cloud: reCAPTCHA keys will be linked to a Google Cloud project instead of existing as standalone keys.   If you have Recaptcha on your current contact forms, You will need to make these changes.
  • New Management & Reporting Tools: Once migrated, users will gain access to enterprise-grade dashboarding, monitoring, reporting, logging, auditing, and access control via the Google Cloud Console.
  • No Immediate Code Changes Required: Your current reCAPTCHA integration will continue to work using the legacy SiteVerify API endpoint. However, Google recommends migrating to the latest CreateAssessment API for enhanced security and feature support.
  • Potential Pricing Changes: Google’s email includes a pricing calculator to estimate future costs based on usage. While reCAPTCHA has historically been free for low-volume users, it’s wise to check how the new structure may impact your website.

Steps to Migrate reCAPTCHA to Google Cloud

Google has stated that it will automatically create a Google Cloud project for users when their keys become eligible, but you can take action now to ensure a smooth transition. Here’s how:

1. Manually Migrate Your reCAPTCHA Keys

By migrating manually, you maintain control over which Google Cloud project will be associated with your reCAPTCHA keys.

  • Visit the Google reCAPTCHA Admin Console
  • Follow the instructions to associate your keys with a new or existing Google Cloud project.  You will need to establish a Billing Account for Google Cloud, if you don’t already have one.   You can find more information about Billing Accounts, click here.
  • Enable monitoring, reporting, and other security features in the Google Cloud Console.

2. Review Pricing and Billing

  • Visit the Google Cloud Pricing Calculator and enter your average monthly reCAPTCHA usage.
  • Determine if any charges may apply under the new pricing model.

3. Consider Updating to the CreateAssessment API

Although your site can continue using the legacy SiteVerify API, Google recommends switching to the latest CreateAssessment API for improved security and access to new features.

What WordPress & Elementor Pro Users Need to Do

If you’re running a WordPress website that relies on reCAPTCHA for security—whether through Elementor Pro, Contact Form 7, or another plugin—follow these steps to ensure your site remains secure and compliant:

  1. Check Your reCAPTCHA Integration
    • If you’re using Elementor Pro, go to Elementor > Settings > Integrations and locate the reCAPTCHA section.  Update the Private and Public Keys with the new Keys you have generated in your Cloud account.
    • If you’re using Contact Form 7, navigate to Contact > Integration in WordPress.
    • Other security plugins like Wordfence or WPForms may also have reCAPTCHA settings—verify if migration is needed.
  2. Google reCAPTCHA Migration to Google Cloud
    • Complete the manual migration process outlined above to associate your keys with a Google Cloud project.
    • Once migrated, update your API keys in WordPress if necessary.
  3. Monitor for Plugin Updates
    • Many popular WordPress plugins will likely release updates to ensure compatibility with the Google Cloud migration. Keep an eye on plugin changelogs and update accordingly.
  4. Test Your Site’s reCAPTCHA Functionality
    • After migrating, verify that reCAPTCHA is still working as expected on login pages, contact forms, and any other protected sections of your site.

Other Options for Spam Protection:  GEO Blocking

The amount of hacking, brute force attacks, spambots and other malicious actors has been increasing.   One very affective method to protect your site and contact forms is “GEO Blocking”.   Geo Blocking is simple blocking certain countries from being able to see your website.    GoDaddy offers their hosting client the Advanced Security Package.   I have been setting up a lot of these recently and have been running it on my sites for years.   For about $220 a year, you get a firewall, malware detection and elimination, Geo Blocking and much more.   If you don’t do business in foriegn countries, you may want to block access to your site.   We can help getting this set up for your GoDaddy Hosted website.

Final Thoughts

While this migration may seem like a hassle, it ultimately provides better security and control for website owners. WordPress users, particularly those relying on Elementor Pro, should take proactive steps to migrate their reCAPTCHA keys early to avoid disruptions and potential costs.

For further details, refer to Google’s official reCAPTCHA blog or reach out to Google Cloud Support for assistance.  If you would like our assistance, please contact us to set up a time to work through this together.

By following these steps, your site will remain protected under the new Google Cloud reCAPTCHA framework, ensuring seamless security and compliance moving forward.

Follow Me

Share this post

Check out our podcast!

Skip to content