Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
vue-recaptcha-v3
Advanced tools
vue-recaptcha-v3
[](https://www.npmjs.com/package/vue-recaptcha-v3) [](https://www.npmjs.com/package/vue-recaptcha-v3)
Vue reCAPTCHA-v3
A simple and easy to use reCAPTCHA (v3 only) library for Vue based on reCAPTCHA-v3.
The latest version of this package supports Vue 3! See here for Vue 2 usage.
Install
With NPM:
$ npm install vue-recaptcha-v3
With Yarn:
$ yarn add vue-recaptcha-v3
Prerequisites
To use this package you only need a valid site key for your domain, which you can easily get here.
Usage
import Vue from 'vue'
import { VueReCaptcha } from 'vue-recaptcha-v3'
// For more options see below
Vue.use(VueReCaptcha, { siteKey: '<site key>' })
new Vue({
methods: {
async recaptcha() {
// (optional) Wait until recaptcha has been loaded.
await this.$recaptchaLoaded()
// Execute reCAPTCHA with action "login".
const token = await this.$recaptcha('login')
// Do stuff with the received token.
}
},
template: '<button @click="recaptcha">Execute recaptcha</button>'
})
Vue 3 Composition
import { createApp } from 'vue'
import { VueReCaptcha, useReCaptcha } from 'vue-recaptcha-v3'
const component = {
setup() {
const { executeRecaptcha, recaptchaLoaded } = useReCaptcha()
const recaptcha = async () => {
// (optional) Wait until recaptcha has been loaded.
await recaptchaLoaded()
// Execute reCAPTCHA with action "login".
const token = await executeRecaptcha('login')
// Do stuff with the received token.
}
return {
recaptcha
}
},
template: '<button @click="recaptcha">Execute recaptcha</button>'
}
createApp(component)
.use(VueReCaptcha, { siteKey: '<site key>' })
TypeScript + Vue 3
To get type suggestions for instance variables (this is not needed for composition API), create a new file called shims-vue-recaptcha-v3.d.ts and put the following inside it:
import { ReCaptchaInstance } from 'recaptcha-v3'
declare module '@vue/runtime-core' {
interface ComponentCustomProperties {
$recaptcha: (action: string) => Promise<string>
$recaptchaLoaded: () => Promise<boolean>
$recaptchaInstance: ReCaptchaInstance
}
}
Options
This plugin offers optional options to configure the behavior of some parts.
Available options:
| Name | Description | Type | Default value |
|---|---|---|---|
| siteKey | The site key for your domain from Google. | string | none |
| loaderOptions | Optional options for the recaptcha-v3 loader. The available options are described here. | object | null |
Usage
To use the options just pass an object to the Vue.use(...) method. For example:
import Vue from 'vue'
import { VueReCaptcha } from 'vue-recaptcha-v3'
Vue.use(VueReCaptcha, {
siteKey: '<site key>',
loaderOptions: {
useRecaptchaNet: true
}
})
Advanced usage
Some topics which are not commonly used, but required in some cases.
Access reCAPTCHA-v3 instance
In some cases it's necessary to interact with the reCAPTCHA-v3 instance, which provides more control over reCAPTCHA.
const recaptcha = this.$recaptchaInstance
// Hide reCAPTCHA badge:
recaptcha.hideBadge()
// Show reCAPTCHA badge:
recaptcha.showBadge()
FAQs
[](https://www.npmjs.com/package/vue-recaptcha-v3) [](https://www.npmjs.com/package/vue-recaptcha-v3)
The npm package vue-recaptcha-v3 receives a total of 47,689 weekly downloads. As such, vue-recaptcha-v3 popularity was classified as popular.
We found that vue-recaptcha-v3 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 13 Apr 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025
Application Security
/Research
/Security News
Updated and Ongoing Supply Chain Attack Targets CrowdStrike npm Packages
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.
By Kush Pandya, Peter van der Zee, Olivia Brown, Socket Research Team - Sep 16, 2025