diff options
Diffstat (limited to 'config')
| -rw-r--r-- | config/config.sample.php | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/config/config.sample.php b/config/config.sample.php index f7b63b1491f..d770aeb903d 100644 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -309,6 +309,21 @@ $CONFIG = [ 'auth.webauthn.enabled' => true, /** + * Whether encrypted password should be stored in the database + * + * The passwords are only decrypted using the login token stored uniquely in the + * clients and allow to connect to external storages, autoconfigure mail account in + * the mail app and periodically check if the password it still valid. + * + * This might be desirable to disable this functionality when using one time + * passwords or when having a password policy enforcing long passwords (> 300 + * characters). + * + * By default the passwords are stored encrypted in the database. + */ +'auth.storeCryptedPassword' => true, + +/** * By default the login form is always available. There are cases (SSO) where an * admin wants to avoid users entering their credentials to the system if the SSO * app is unavailable. |