If your site is set to allow self-registration (that is if your site is either inviting registrations or setup as an ecommerce site) then you probably have noticed that spam users have been created at some point. ReCaptcha is an easy way to setup a road block to potential spam users by ensuring that someone real is creating the accounts during the registration process.
For this and more security tips visit http://docs.moodle.org/25/en/Reducing_spam_in_Moodle
ReCaptcha is available through Google and only takes a few steps to set it up. First, enable self-registration on your site. Once that’s done go to Manage Authentication.
On the Manage Authentication screen at the bottom are the two fields you need for ReCaptcha. Go to https://www.google.com/recaptcha, enter your URL and then click to have your key’s created.
You’ll need both the Public and Private key for it to work. Insert each to their fields on your Moodle site and click “Save Changes”.
When you go to your Moodle site’s registration page [yourmoodle.com/login/signup.php?] you should see ReCaptcha setup.