Add instructions for custom password length limits

Jacob Vosmaer
1 parent 5c1a360f
Showing 2 changed files with 15 additions and 0 deletions Show diff stats
config/initializers/devise_password_length.rb.example
doc/security/password_length_limits.md
@@ -0,0 +1,6 @@
+Devise.setup do |config|
+  # The following line changes the password length limits for new users. In the
+  # example below the minimum length is 12 characters, and the maximum length
+  # is 128 characters.
+  config.password_length = 12..128
+end
@@ -0,0 +1,9 @@
+# Custom password length limits
+
+If you want to enforce longer user passwords you can create an extra Devise initializer with the following steps:
+
+```bash
+cd /home/git/gitlab
+sudo -u git -H cp config/initializers/devise_password_length.rb.example config/initializers/devise_password_length.rb
+sudo -u git -H editor config/initializers/devise_password_length.rb   # inspect and edit the new password length limits
+```
...	...	@@ -0,0 +1,6 @@
	1	+Devise.setup do \|config\|
	2	+ # The following line changes the password length limits for new users. In the
	3	+ # example below the minimum length is 12 characters, and the maximum length
	4	+ # is 128 characters.
	5	+ config.password_length = 12..128
	6	+end
...	...
...	...	@@ -0,0 +1,9 @@
	1	+# Custom password length limits
	2	+
	3	+If you want to enforce longer user passwords you can create an extra Devise initializer with the following steps:
	4	+
	5	+```bash
	6	+cd /home/git/gitlab
	7	+sudo -u git -H cp config/initializers/devise_password_length.rb.example config/initializers/devise_password_length.rb
	8	+sudo -u git -H editor config/initializers/devise_password_length.rb # inspect and edit the new password length limits
	9	+```
...	...