Error message: Antibot verification failed

After the login fails, I see this in console.

Tracking Prevention blocked access to storage for https://www.google.com/.
login:1  Tracking Prevention blocked access to storage for https://www.google.com/.
login:1  Tracking Prevention blocked access to storage for https://www.google.com/js/bg/R158mP-HER8cF-2W1d4Zs3A-8309t2iBf9rXxsmuGOY.js.
login:1  Tracking Prevention blocked access to storage for https://www.google.com/js/bg/R158mP-HER8cF-2W1d4Zs3A-8309t2iBf9rXxsmuGOY.js.

I don't know if it's related.

I tried uninstalling and re-installing the recaptcha and recaptcha v3 modules. Now the error message is different.

Error message
The answer you entered for the CAPTCHA was not correct.

I even changed my user password to make absolutely certain, but it's not letting me log in with v3.

Here is the current log message when the antibot failure message appears using the login form.

Google reCAPTCHA v3 validation failed: Not a success, but no error codes received! Expected action did not match.

More console information:
I'm seeing a message "Third party cookies will be blocked"

Here's more info:

Cookies with the SameSite=None; Secure and not Partitioned attributes that operate in cross-site contexts are third-party cookies. In future Microsoft Edge versions, reading third-party cookies will be blocked. This behavior protects user data from cross-site tracking.
Please refer to the article linked to learn more about preparing your site to avoid potential breakage.
3 cookies
1 request

api.js?onload=ctctOnLoadCallback&render=explicit
Learn more: Prepare for phasing out third-party cookies

1. Are you using a custom template for the form with a captcha?
2. Can you send me a link to the form page in PM?

Now we are starting to get reports of people being unable to submit forms because of captcha errors. I've checked the keys many times and they are set up correctly. The badge appears on our website, so I know I have the domain set up correctly in Google. I've been asking people to provide more specific error messages, but it seems v3 is failing in forms.

1. Are you using a custom template for the form with a captcha?
2. Can you send me a link to the form page in PM?

Sorry I missed these questions. I will look into it shortly. I will have to enable a form with captcha in order for you to view it failing. I think I actually do have a custom page template for all webforms.

The user login was the form that we started having issues with. This does not use a custom template.

Yes, it looks like one of the "problem" webforms has a custom template. However, one of them does not. As mentioned, we also turned off captcha on the user login form, which is not using a custom template.

I am not quite at the point where I can share dev. environments with you. We just changed our hosting platform and only have a production environment. I can share a form that's enabled with captcha via the "points" but it does not have a captcha widget.

I noticed that the only remedy appears to be removing the captcha form element from forms. There was a form that was disabled via points, but still had the captcha widget. This widget was giving users a lot of trouble.

can you also send me a screenshot of the recaptcha v3 config in google admin: https://www.google.com/recaptcha/admin/

I can't send an image or file with the "Contact" feature on your profile page. I don't know how to add screenshots here. When I click the add image button, it wants an image URL.

I had just removed a staging domain from the list and saved the changes. It turns out I accidentally deleted both domains, but this was only for a minute. I know it appears that I didn't have a domain configured, but I did.

try to add domain name with "www"

I just re-enabled this in Google admin

Verify the origin of reCAPTCHA solutions
If disabled, you are required to check the hostname on your server when verifying a solution.

and also please show the captcha action config

I added "www" and tried logging into site. Still getting the error message, then it falls back to v2 checkbox.

I just re-enabled this in Google admin

no, let's left it unchecked.

Label
reCAP v3 Action
Machine name: recap_v3_action
Label for the reCAPTCHA v3 action.
Threshold
0.5
The threshold score value. See the scores interpretation documentation for more information.
Fallback challenge
reCAPTCHA (from module recaptcha)
Select the fallback challenge on reCAPTCHA v3 user validation fail.

I wonder if I should try with new keys. That's the only thing I haven't tried.

if I should try with new keys

yes, you can try.
Also what do you have in the Recapthact v3 settings for the:

1. Local domain name validation
2. Cacheable

?

I just uploaded the v3 settings in Admin

try to uncheck "Local domain name validation"

So you suggest unchecking on both Google and in Drupal? (despite what is says about doing one or the other)

I just started a brand new "site" in Google with new keys. I didn't have any issues logging in.

So you suggest unchecking on both Google and in Drupal? (despite what is says about doing one or the other)

Just for testing purposes.

Should the form captcha v3 be working if I create a point but don't use a form widget? I'm not seeing a badge on the form pages where there is a point configured, unless I enable the widget.

If you are talking about webforms, you need to use only one method: captcha point or webform captcha element.

Thanks but when I don't have a captcha element, but do have a captcha point, I don't see a badge

Thanks but when I don't have a captcha element, but do have a captcha point, I don't see a badge

then you need to check if you are using the correct form id.

Actually, I'm intermittently seeing the badge. There are forms like this: https://www.dgcoks.gov/administration/contact
This page has BOTH enabled and there is no badge. I'd say generally the only time I see the badge is if a form element is enabled. The IDs are all correct.

Automatically closed - issue fixed for 2 weeks with no activity.