Login Requiring CAPTCHA although Spam Prevention is Turned Off


アトラシアン コミュニティをご利用ください。



  • Users keep getting CAPTCHA when they login to Confluence.
  • The spam prevention is turned off in Dashboard >> Administration >> Look and Feel >> Spam Prevention.


Starting from Confluence 3.2.1, there is a new CAPTCHA option for failed logins. This is designed to prevent automated password attempts against Confluence, which has been used in the past to attack public instances of Atlassian applications.


If your users continue to be prompted with CAPTCHA even after logging in successfully, they most likely have an RSS client accessing Confluence with an incorrect password:

  • Ask the user to check their RSS feed reader for error messages about failed password or authentication, and enter the correct password for your site.
  • Check the Confluence log files for information about the failed login.

If only trusted users can access your system, you can turn this security feature off:

  • In Confluence 3.2.1, go to Dashboard >> Administration >> General Configuration >> CAPTCHA on login and turn it off
  • In Confluence 3.3 and later versions, go to Dashboard >> Administration >> Security Configuration >> CAPTCHA on login and disable it

We do not recommend disabling this setting if you have untrusted users or run a publicly accessible instance of Confluence.

最終更新日 2018 年 11 月 2 日


Powered by Confluence and Scroll Viewport.