New: Want better quality leads from Google Ads?

Improve my lead quality
Pete Bowen's site
Home Contact About

Can 2FA Reduce Contact Form Spam, and Should You Use It?

Spam leads are a real problem. If you’re running Google Ads—especially Performance Max campaigns—you’re probably paying for junk leads.

Most people turn to tools like CAPTCHA to slow down the spam. But there’s another approach starting to get attention: two-factor authentication (2FA). It’s not widely used on contact forms yet, but it can help reduce spam leads.

That said, it comes with some real downsides. But first...

What Is 2FA and How Can It Help?

2FA adds an extra step before someone can complete a form. You’ve probably seen it when logging into your bank—you enter your email or phone number, and then get a code to confirm your identity.

This helps cut spam because bots and low-effort human spammers:

But it also comes with some drawbacks...

It Adds Friction (Which Can Harm Conversion Rates)

2FA makes your form more secure—but also harder to use. People will tolerate 2FA to access their bank or change a Google Ads budget, but it’s a big ask for a simple enquiry.

You will lose real leads:

What Happens When a Spammer Uses a Real Email or Phone Number?

Here’s a risk that’s easy to overlook.

Spammers often use real contact details leaked in data breaches. If you send a 2FA code to that number or address, you’re contacting someone who never asked to hear from you.

Even though you have good intentions, they might:

That hurts your sender reputation. More of your messages end up in spam folders—or don’t get delivered at all. If it happens too often, your ISP or SMS provider might suspend your account.

In some countries, sending unwanted emails or texts is actually illegal. Maybe I’m being too cautious, but some people get pretty tetchy when they think their info’s been misused.

What If a Spammer Hammers Your Form While You’re Asleep?

Let’s say someone fills out your form using a leaked—but real—phone number or email address. Your 2FA system kicks in and sends a code.

If it happens once, no big deal (maybe). But if a spammer does it 50 times...

And there is another risk. To some scammers, your contact form isn’t a way to reach you—it’s an ATM.

SMS pumping is a scam where bad actors trigger floods of fake verification messages to premium-rate numbers they own. Each one earns them a small payout, and the cost lands on you. If your form sends codes automatically, they can rack up a serious bill before you even know what’s happening.

When 2FA Might Still Be Worth It

Adding 2FA might make sense in specific situations:

Reducing the Risks of Using 2FA on Contact Forms

If you’re going to use 2FA, here are a few ways to reduce the risks. Some are a bit technical—I won’t go into the weeds, but feel free to contact me if you want help.

Other Ways to Cut Down on Spam

If 2FA feels like overkill, here are some lighter options:

My Favorite: A Simple 2-Step Form

My go-to solution is a clean, two-step form. It blocks most spam without hurting conversions.

  1. Step one collects the basics—name and email.
  2. Step two asks for confirmation. Bots rarely get past the first step, but real people do.

You can see it in action here: pete-bowen.com/contact

Need some help with this?

I offer 1-to-1 mentoring and consulting. You’ll get help, advice, support and answers without having to commit to a long-term contract. Details here.

Want to increase your conversion rate?
I’ve seen conversion rates double, triple and even 10X after a few quick and easy changes to the enquiry form. Subscribe now, and I'll send you a free copy of my in-depth ebook High-Converting Enquiry Forms.
You're already paying for clicks. Now turn them into conversions. Privacy policy. Unsubscribe at any time.

Related articles

The Missing Piece on Most Service Business Landing Pages When people are looking into a product or service they rarely need they need to be confident about three things before they’ll work with you: That you actually understand what they need. That you have the competence to do what they need. That working with you won’t be a nightmare.

A Fix for Low Conversions: Separating the Sale from the Paperwork I consulted with six businesses that handle complex paperwork for their clients - such as travel documents, business registrations, and tax filings etc. Here's how we improved the conversion rate.

Why I Was Wrong About the 'About Us' Page (And What I Learned) In the past, I thought About pages were just filler because marketing should be customer-focused. I was wrong.

Being "the best" is lazy. I’m talking about describing yourself as "the best" on your website. It stops you from thinking about what actually makes your business the right choice.

Why experts sometimes have terrible conversion rates. Experts often have poor conversion rates because the words on their landing pages are all about them. Here's what you can do to fix this.

How I improve conversion rate for long booking forms Complex lead intake or booking forms offer opportunities for improving conversion rates. Here are a few...

How I track WhatsApp conversations as conversions in Google Ads At the time of writing Google has no way of tracking WhatsApp leads as conversions. I've used a couple of work arounds to solve this.

How to get more phone call leads. Most businesses who advertise online to get leads struggle to contact people who filled in an enquiry form. One way to improve this is to get leads to call you.

Will using technical terms and industry jargon on a landing page improve conversion rate? Landing pages have to be written for both the expert and non-technical user because you get both expert and non-technical visitors. Here's how to do that.

Improve conversion rates with visitor-focussed headlines High-converting headlines are about what the visitor cares for, not about the characteristics of the business. Here's how to check your headline for visitor focus.

6 Critical Mistakes You're Making with Your Landing Page Amy Hoy wrote a brilliant article titled 6 Critical Mistakes You're Making with Your Landing Page. She makes a really interesting observation which resonated with me: Landing page design is actually a usability exercise.

CAPTCHA is like putting barbed wire in front of your shop Don't make it difficult for your customers to contact you. Businesses with the smoothest processes will attract (and keep) the best customers.

Do long enquiry forms get more qualified leads? If your enquiry form asks for much more than contact details you're losing qualified sales leads. Read on to learn why...

Honest conversion tracking when you've got live chat, click to call and a form I took on an account with no useful conversion data. Here's how I started tracking calls, forms and live chat accurately.

How I got landing page load time down from 0.8 seconds to 0.2 seconds. Here’s a quick tip for improving landing page speed. As you know, nobody likes a slow website. Load speed is strongly correlated with the conversion rate: Fast website = more leads.

How long should your landing page be? How long should your landing page be? The answer isn't a number.

How to craft high-converting headlines, even if you have the copywriting skills of a turnip. If you’re anything like me, starting is the hardest part of writing. It's like I'm staring at the screen waiting for someone to unblock the idea pipe. That struggle is over.

How to improve landing page experience. Improving page speed helps improve landing page experience. Google's guidance is broad, not specific. That makes it hard to know what to do. Google does provide one specific set of instructions, following these will improve landing page experience and boost conversion rates.

I’m paying for clicks but I'm not getting enough leads. Read on to learn how your website could be sabotaging your advertising. And, what you can do to get more leads from your the clicks you've already paid for.

Improve website conversion rates with autocomplete. Here's a small tweak to the contact form on your website that'll make it easier for people to complete it. Adding autocomplete to your form fields is one of those 1% kaizen improvements. They all add up.

Landing pages: Click-to-call or contact form? You get the highest conversion rates from landing pages that concentrate on convincing visitors to do just one thing. Offer visitors too many choices and they bounce. But what if there are two equally good things your visitor could do?

Use HTTPS for your landing pages or kill your conversion rate. The number of website enquiries you get is going to fall off a cliff after 24th of October if your website doesn't use HTTPS. After the 24th of October 2017, Google Chrome will warn people that web pages with forms are insecure unless they’re served over HTTPS. Here's how to fix this.

We read websites like we did 100 years ago Even though the internet is infinitely more ubiquitous now. Even though we've had a generation grow up with Google. Even though 2-year olds have iPads
. The way people read websites hasn't changed...

What's your landing page's first job? It’s not to convince someone to buy from you, establish trust, build your brand or educate your customer. Those things are important but they're not the first job. The first job is ...

Length is a liability; value per page is an asset. This is a quote from Write Useful Books by Rob Fitzpatrick. His advice is perfect for lead-generation landing pages.

How to improve landing page conversion rates by increasing visitor motivation Here's how I doubled the conversion rate on some Google Ads lead generation landing pages by improving visitor's motivation.