Add instructions for custom password length limits

0db36897 · Jacob Vosmaer · 5c1a360f · 0db36897 · 0db36897
Commit 0db36897 authored Jan 13, 2014 by Jacob Vosmaer
Showing with 15 additions and 0 deletions

config/initializers/devise_password_length.rb.example config/initializers/devise_password_length.rb.example +6 -0

doc/security/password_length_limits.md doc/security/password_length_limits.md +9 -0

No files found.
--- a/config/initializers/devise_password_length.rb.example
+++ b/config/initializers/devise_password_length.rb.example
+Devise.setup do |config|
+  # The following line changes the password length limits for new users. In the
+  # example below the minimum length is 12 characters, and the maximum length
+  # is 128 characters.
+  config.password_length = 12..128
+end
--- a/doc/security/password_length_limits.md
+++ b/doc/security/password_length_limits.md
+# Custom password length limits
+
+If you want to enforce longer user passwords you can create an extra Devise initializer with the following steps:
+
+```bash
+cd /home/git/gitlab
+sudo -u git -H cp config/initializers/devise_password_length.rb.example config/initializers/devise_password_length.rb
+sudo -u git -H editor config/initializers/devise_password_length.rb   # inspect and edit the new password length limits
+```