The only possible reason for the CAPTCHA would be to take care of brute force bots or bots trying a series of exploits on the login forms but as Engineer already said there are more elegant PHP based ways of preventing that.
If it’s bots you want to stop there are many ways to install bot traps, invisible form fields etc. But then again that probably wouldn’t help Statsremote a great deal :tongue:
I guess the best thing to do would be to get rid of the CAPTCHA and install a few PHP rules for the number of incorrect logins, security questions and require strong passwords etc.
But don’t make it ridiculous like Goldenpalace who lock your account after two failed logins, have a faulty unlocking routine and to make things worse have a case sensitive login form….