diff options
Diffstat (limited to 'doc/security/password_length_limits.md')
-rw-r--r-- | doc/security/password_length_limits.md | 30 |
1 files changed, 21 insertions, 9 deletions
diff --git a/doc/security/password_length_limits.md b/doc/security/password_length_limits.md index d78293c75c6..9909ef4a8e4 100644 --- a/doc/security/password_length_limits.md +++ b/doc/security/password_length_limits.md @@ -1,19 +1,31 @@ --- type: reference, howto --- + # Custom password length limits -If you want to enforce longer user passwords you can create an extra Devise -initializer with the steps below. +The user password length is set to a minimum of 8 characters by default. +To change that for installations from source: + +1. Edit `devise_password_length.rb`: + + ```sh + cd /home/git/gitlab + sudo -u git -H cp config/initializers/devise_password_length.rb.example config/initializers/devise_password_length.rb + sudo -u git -H editor config/initializers/devise_password_length.rb + ``` + +1. Change the new password length limits: + + ```ruby + config.password_length = 12..128 + ``` -If you do not use the `devise_password_length.rb` initializer the password -length is set to a minimum of 8 characters in `config/initializers/devise.rb`. + In this example, the minimum length is 12 characters, and the maximum length + is 128 characters. -```bash -cd /home/git/gitlab -sudo -u git -H cp config/initializers/devise_password_length.rb.example config/initializers/devise_password_length.rb -sudo -u git -H editor config/initializers/devise_password_length.rb # inspect and edit the new password length limits -``` +1. [Restart GitLab](../administration/restart_gitlab.md#installations-from-source) + for the changes to take effect. <!-- ## Troubleshooting |