The last update had a fix for a vulnerability in the captcha feature.
Now for your situation....
To get back into your site simply FTP to your server and traverse to the wp-contents/plugins folder and rename the following folder from:
all-in-one-wp-security-and-firewall
to
all-in-one-wp-security-and-firewall-temp
The above will deactivate this plugin and you will be able to login.
Once logged in to WordPress you can rename that folder back and then disable the captcha feature for now.
Another thing to do is to clear all page caches from your server if you are using a caching plugin.
If you are hosting with WPengine or similar hosts who cache the login page can you please ask them to refresh the cache for your login page.