Diffstat (limited to 'docs/content/doc/advanced/config-cheat-sheet.en-us.md')
-rw-r--r-- | docs/content/doc/advanced/config-cheat-sheet.en-us.md | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/docs/content/doc/advanced/config-cheat-sheet.en-us.md b/docs/content/doc/advanced/config-cheat-sheet.en-us.md index 04344b15dc..36e9919bc7 100644 --- a/docs/content/doc/advanced/config-cheat-sheet.en-us.md +++ b/docs/content/doc/advanced/config-cheat-sheet.en-us.md 
@@ -568,7 +568,22 @@ Certain queues have defaults that override the defaults set in `[queue]` (this o - `IMPORT_LOCAL_PATHS`: **false**: Set to `false` to prevent all users (including admin) from importing local path on server. - `INTERNAL_TOKEN`: **\<random at every install if no uri set\>**: Secret used to validate communication within Gitea binary. - `INTERNAL_TOKEN_URI`: **<empty>**: Instead of defining INTERNAL_TOKEN in the configuration, this configuration option can be used to give Gitea a path to a file that contains the internal token (example value: `file:/etc/gitea/internal_token`) -- `PASSWORD_HASH_ALGO`: **pbkdf2**: The hash algorithm to use \[argon2, pbkdf2, scrypt, bcrypt\], argon2 will spend more memory than others. +- `PASSWORD_HASH_ALGO`: **pbkdf2**: The hash algorithm to use \[argon2, pbkdf2, pbkdf2_v1, pbkdf2_hi, scrypt, bcrypt\], argon2 and scrypt will spend significant amounts of memory. + - Note: The default parameters for `pbkdf2` hashing have changed - the previous settings are available as `pbkdf2_v1` but are not recommended. + - The hash functions may be tuned by using `$` after the algorithm: + - `argon2$<time>$<memory>$<threads>$<key-length>` + - `bcrypt$<cost>` + - `pbkdf2$<iterations>$<key-length>` + - `scrypt$<n>$<r>$<p>$<key-length>` + - The defaults are: + - `argon2`: `argon2$2$65536$8$50` + - `bcrypt`: `bcrypt$10` + - `pbkdf2`: `pbkdf2$50000$50` + - `pbkdf2_v1`: `pbkdf2$10000$50` + - `pbkdf2_v2`: `pbkdf2$50000$50` + - `pbkdf2_hi`: `pbkdf2$320000$50` + - `scrypt`: `scrypt$65536$16$2$50` + - Adjusting the algorithm parameters using this functionality is done at your own risk. - `CSRF_COOKIE_HTTP_ONLY`: **true**: Set false to allow JavaScript to read CSRF cookie. - `MIN_PASSWORD_LENGTH`: **6**: Minimum password length for new users. - `PASSWORD_COMPLEXITY`: **off**: Comma separated list of character classes required to pass minimum complexity. If left empty or no valid values are specified, checking is disabled (off): |
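Review bot: `pbkdf2_v2` appears in the added defaults list (`pbkdf2_v2`: `pbkdf2$50000$50`) but not among the accepted values on the `PASSWORD_HASH_ALGO` line, which names only `argon2, pbkdf2, pbkdf2_v1, pbkdf2_hi, scrypt, bcrypt`. Either add it to the bracketed list or drop it from the defaults so the two agree. The note that the `pbkdf2` defaults have changed does not say whether passwords hashed under the previous settings keep verifying after an upgrade, which is the first thing an administrator will want to know. The closing bullet "Adjusting the algorithm parameters using this functionality is done at your own risk" should name the risk. Going by the rest of the hunk, that would be parameters set below the listed defaults, and the memory cost the `argon2` and `scrypt` settings carry.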