From db657192d0349f7b10a62515fbf085d3a48d88f9 Mon Sep 17 00:00:00 2001 From: Maxim Tkachenko Date: Mon, 14 Oct 2019 22:24:26 +0700 Subject: Password Complexity Checks (#6230) Add password complexity checks. The default settings require a lowercase, uppercase, number and a special character within passwords. Co-Authored-By: T-M-A Co-Authored-By: Lanre Adelowo Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> Co-Authored-By: Lauris BH --- custom/conf/app.ini.sample | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'custom') diff --git a/custom/conf/app.ini.sample b/custom/conf/app.ini.sample index fd8d928ede..79d9960052 100644 --- a/custom/conf/app.ini.sample +++ b/custom/conf/app.ini.sample @@ -332,6 +332,9 @@ MIN_PASSWORD_LENGTH = 6 IMPORT_LOCAL_PATHS = false ; Set to true to prevent all users (including admin) from creating custom git hooks DISABLE_GIT_HOOKS = false +;Comma separated list of character classes required to pass minimum complexity. +;If left empty or no valid values are specified, the default values (`lower,upper,digit,spec`) will be used. +PASSWORD_COMPLEXITY = lower,upper,digit,spec ; Password Hash algorithm, either "pbkdf2", "argon2", "scrypt" or "bcrypt" PASSWORD_HASH_ALGO = pbkdf2 ; Set false to allow JavaScript to read CSRF cookie @@ -415,7 +418,7 @@ DEFAULT_ALLOW_CREATE_ORGANIZATION = true ; Public is for everyone DEFAULT_ORG_VISIBILITY = public ; Default value for DefaultOrgMemberVisible -; True will make the membership of the users visible when added to the organisation +; True will make the membership of the users visible when added to the organisation DEFAULT_ORG_MEMBER_VISIBLE = false ; Default value for EnableDependencies ; Repositories will use dependencies by default depending on this setting -- cgit v1.2.3