I have been using Plone 4 for a number of years, implementing intranets for our customer base. One of our customers now wants to move to Plone 5(.2) and create an Intranet / Extranet, to allow satellite users access to the intranet without having to VPN onto the HQ network.
We have been using LDAP to authenticate users. However, this has security implications unless we secure it with CAPTCHA (reCAPTCHA) or 2FA. Potentially, I could persuade the customer to implement 2FA; however, for the moment I believe that reCAPTCHA will serve my purpose.
I have Plone 5.2 installed on an Ubuntu 18.04 (VM) server, with plone.formwidget.recaptcha, Products.PluggableAuthService, pas.plugins.ldap and collective.easyform in my buildout.
(If I install collective.recaptcha, the client daemons fall over continually, which has been frustrating).
So my current buildout compiles and the Plone site comes up. I have configured LDAP and the captcha keys (it has been quite painful just getting to this point).
However, I cannot see where to insert the reCAPTCHA widget code, to provide a level of security and reduce the possibility of a robotic hack on the /login form ... or am I navigating myself along a dark, dead-end tunnel?
Thanks in anticipation.