diff --git a/changelog.txt b/changelog.txt deleted file mode 100644 index 8ce36c8..0000000 --- a/changelog.txt +++ /dev/null @@ -1,8 +0,0 @@ -2014-06-27: File cache support -2014-06-14: Foreign Char Support -2014-02-25: HTTPS Support -2014-02-15: HTMLy v1.2 -2014-02-08: HTMLy v1.1. -2014-02-01: HTMLy v1.0. -2014-01-26: RC version. -2014-01-01: Initial release. \ No newline at end of file diff --git a/config/config.ini.example b/config/config.ini.example index a296c1c..89a1049 100644 --- a/config/config.ini.example +++ b/config/config.ini.example @@ -43,6 +43,13 @@ google.publisher = "" ; Google analytics google.analytics.id = "" +; Google reCaptcha +; https://www.google.com/recaptcha/admin + +google.reCaptcha = false +google.reCaptcha.public = "" +google.reCaptcha.private = "" + ; Pagination, RSS, and JSON posts.perpage = "5" tag.perpage = "10" diff --git a/system/admin/views/login.html.php b/system/admin/views/login.html.php index cc97d9f..916e9b7 100644 --- a/system/admin/views/login.html.php +++ b/system/admin/views/login.html.php @@ -9,6 +9,11 @@ Password *


+ + +
">
+
+ \ No newline at end of file diff --git a/system/htmly.php b/system/htmly.php index 22d9a95..83cf5ba 100644 --- a/system/htmly.php +++ b/system/htmly.php @@ -57,11 +57,12 @@ get('/index', function () { // Get submitted login data post('/login', function () { - $proper = is_csrf_proper(from($_REQUEST, 'csrf_token')); + $proper = (is_csrf_proper(from($_REQUEST, 'csrf_token'))); + $captcha = isCaptcha(from($_REQUEST, 'g-recaptcha-response')); $user = from($_REQUEST, 'user'); $pass = from($_REQUEST, 'password'); - if ($proper && !empty($user) && !empty($pass)) { + if ($proper && $captcha && !empty($user) && !empty($pass)) { session($user, $pass, null); $log = session($user, $pass, null); @@ -88,6 +89,9 @@ post('/login', function () { if (!$proper) { $message['error'] .= '
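Review bot: `isCaptcha()` is called at the top of the `/login` handler, before `$proper` and the empty-field checks are evaluated, so with reCaptcha enabled every POST to this route makes a blocking outbound request even when the CSRF token is already wrong. Verifying only after the cheap check passes avoids that, e.g. `$captcha = $proper ? isCaptcha(from($_REQUEST, 'g-recaptcha-response')) : false;`. The `if(!$captcha)` error branch in the next hunk would then need a `$proper &&` guard so that a CSRF failure does not also report a captcha failure. The extra parentheses around `is_csrf_proper(...)` change nothing and can be dropped. The closure body continues outside this hunk.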
  • CSRF Token not correct.
  • '; } + if(!$captcha) { + $message['error'] .= '
  • reCaptcha not correct.
  • '; + } config('views.root', 'system/admin/views'); diff --git a/system/includes/functions.php b/system/includes/functions.php index 7b2933c..33b952b 100644 --- a/system/includes/functions.php +++ b/system/includes/functions.php @@ -1758,3 +1758,24 @@ function remove_html_comments($content) { return trim(preg_replace('/(\s|)(\s|)/', '', $content)); } + +function isCaptcha($reCaptchaResponse){ + if(! config("google.reCaptcha")){ + return true; + } + $url = "https://www.google.com/recaptcha/api/siteverify"; + $options = array( + "secret" => config("google.reCaptcha.private"), + "response" => $reCaptchaResponse, + "remoteip" => $_SERVER['REMOTE_ADDR'], + ); + $fileContent = @file_get_contents($url . "?" . http_build_query($options)); + if($fileContent === false) { + return false; + } + $json = json_decode($fileContent, true); + if($json == false){ + return false; + } + return ($json['success']); +}