From 87d16e184186759568b14a7f021489ad21792c42 Mon Sep 17 00:00:00 2001
From: Jacob Vosmaer <contact@jacobvosmaer.nl>
Date: Mon, 13 Jan 2014 11:43:22 +0100
Subject: [PATCH] Explain where the default password validation is

---
 doc/security/password_length_limits.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/doc/security/password_length_limits.md b/doc/security/password_length_limits.md
index dee2bcd..c8d66e9 100644
--- a/doc/security/password_length_limits.md
+++ b/doc/security/password_length_limits.md
@@ -1,6 +1,7 @@
 # Custom password length limits
 
-If you want to enforce longer user passwords you can create an extra Devise initializer with the following steps:
+If you want to enforce longer user passwords you can create an extra Devise initializer with the steps below.
+If you do not use the `devise_password_length.rb` initializer the password length is set to a minimum of 8 characters in `config/initializers/devise.rb`.
 
 ```bash
 cd /home/git/gitlab
--
libgit2 0.21.2