Some people have expressed their desire to have reCAPTCHA show up on the login form.
This could prove to be annoying, which is why I hadn't implemented it before, but there isn't any reason why it cannot be implemented as an optional feature. Perhaps, also allow a feature to set it to only show up if the user has failed at logging in once so far. This way, normal users aren't annoyed/bothered by the presence of yet another CAPTCHA, but bots/automated-attacks are stopped after the first attempt.
Some people have expressed their desire to have reCAPTCHA show up on the login form.
This could prove to be annoying, which is why I hadn't implemented it before, but there isn't any reason why it cannot be implemented as an optional feature. Perhaps, also allow a feature to set it to only show up if the user has failed at logging in once so far. This way, normal users aren't annoyed/bothered by the presence of yet another CAPTCHA, but bots/automated-attacks are stopped after the first attempt.