Add documentation on password generation for authentication methods

This change adds documentation on password generation for authentication methods

Add documentation on password generation for authentication methods
This change adds documentation on password generation for authentication methods
16971745 · manojmj · 979c663f · 16971745 · 16971745 · 16971745
Commit 16971745 authored Aug 17, 2020 by manojmj
6 changed files
--- a/doc/administration/auth/smartcard.md
+++ b/doc/administration/auth/smartcard.md
@@ -312,7 +312,7 @@ attribute. As a prerequisite, you must use an LDAP server that:

 ## Passwords for users created via smartcard authentication

-The [How we generate passwords for users created via integrated authentication methods](../../security/passwords_for_integrated_authentication_methods.md) guide provides an overview of how GitLab generates and sets passwords for users created via smartcard authentication.
+The [Generated passwords for users created through integrated authentication](../../security/passwords_for_integrated_authentication_methods.md) guide provides an overview of how GitLab generates and sets passwords for users created via smartcard authentication.

 <!-- ## Troubleshooting


--- a/doc/integration/omniauth.md
+++ b/doc/integration/omniauth.md
@@ -327,4 +327,4 @@ You may also bypass the auto signin feature by browsing to

 ## Passwords for users created via OmniAuth

-The [How we generate passwords for users created via integrated authentication methods](../security/passwords_for_integrated_authentication_methods.md) guide provides an overview of how GitLab generates and sets passwords for users created via OmniAuth.
+The [Generated passwords for users created through integrated authentication](../security/passwords_for_integrated_authentication_methods.md) guide provides an overview of how GitLab generates and sets passwords for users created via OmniAuth.
--- a/doc/integration/saml.md
+++ b/doc/integration/saml.md
@@ -586,7 +586,7 @@ Refer to the documentation for your SAML Identity Provider for information on ho

 ## Passwords for users created via SAML

-The [How we generate passwords for users created via integrated authentication methods](../security/passwords_for_integrated_authentication_methods.md) guide provides an overview of how GitLab generates and sets passwords for users created via SAML.
+The [Generated passwords for users created through integrated authentication](../security/passwords_for_integrated_authentication_methods.md) guide provides an overview of how GitLab generates and sets passwords for users created via SAML.

 ## Troubleshooting


--- a/doc/security/README.md
+++ b/doc/security/README.md
@@ -7,7 +7,7 @@ type: index

 - [Password storage](password_storage.md)
 - [Password length limits](password_length_limits.md)
- [How we generate passwords for users created via integrated authentication methods](passwords_for_integrated_authentication_methods.md)
+- [Generated passwords for users created through integrated authentication](passwords_for_integrated_authentication_methods.md)
 - [Restrict SSH key technologies and minimum length](ssh_keys_restrictions.md)
 - [Rate limits](rate_limits.md)
 - [Webhooks and insecure internal web services](webhooks.md)

--- a/doc/security/passwords_for_integrated_authentication_methods.md
+++ b/doc/security/passwords_for_integrated_authentication_methods.md
@@ -2,11 +2,12 @@
 type: reference
 ---

-# How we generate passwords for users created via integrated authentication methods
+# Generated passwords for users created through integrated authentication

-GitLab allows users to create accounts using different [authentication methods](../administration/auth/README.md) like OmniAuth, SAML, SCIM, Smartcard authentication etc.
+GitLab allows users to set up accounts through integration with external [authentication and authorization providers](../administration/auth/README.md).

-These authentication methods does not require the user to explicitly create a password for their account upon signup. However, to maintain data consistency, GitLab requires each user account to have a password associated with it.
+These authentication methods do not require the user to explicitly create a password for their accounts.
+However, to maintain data consistency, GitLab requires passwords for all user accounts.

 For such accounts, we use the [`friendly_token`](https://github.com/heartcombo/devise/blob/f26e05c20079c9acded3c0ee16da0df435a28997/lib/devise.rb#L492) method provided by the Devise gem to generate a random, unique and secure password and sets it as the account password during sign up.


--- a/doc/user/group/saml_sso/index.md
+++ b/doc/user/group/saml_sso/index.md
@@ -302,7 +302,7 @@ Group SAML on a self-managed instance is limited when compared to the recommende

 ## Passwords for users created via SAML SSO for Groups

-The [How we generate passwords for users created via integrated authentication methods](../../../security/passwords_for_integrated_authentication_methods.md) guide provides an overview of how GitLab generates and sets passwords for users created via SAML SSO for Groups.
+The [Generated passwords for users created through integrated authentication](../../../security/passwords_for_integrated_authentication_methods.md) guide provides an overview of how GitLab generates and sets passwords for users created via SAML SSO for Groups.

 ## Troubleshooting