Add instructions for custom password length limits

author Jacob Vosmaer <contact@jacobvosmaer.nl>

Mon, 13 Jan 2014 09:30:46 +0000 (10:30 +0100)

committer Jacob Vosmaer <contact@jacobvosmaer.nl>

Mon, 13 Jan 2014 09:41:10 +0000 (10:41 +0100)
author Jacob Vosmaer <contact@jacobvosmaer.nl>
Mon, 13 Jan 2014 09:30:46 +0000 (10:30 +0100)
committer Jacob Vosmaer <contact@jacobvosmaer.nl>
Mon, 13 Jan 2014 09:41:10 +0000 (10:41 +0100)
diff --git a/config/initializers/devise_password_length.rb.example b/config/initializers/devise_password_length.rb.example

new file mode 100644 (file)

index 0000000..9730582
--- /dev/null
+++ b/config/initializers/devise_password_length.rb.example
@@ -0,0 +1,6 @@
+Devise.setup do |config|
+  # The following line changes the password length limits for new users. In the
+  # example below the minimum length is 12 characters, and the maximum length
+  # is 128 characters.
+  config.password_length = 12..128
+end
diff --git a/doc/security/password_length_limits.md b/doc/security/password_length_limits.md

new file mode 100644 (file)

index 0000000..dee2bcd
--- /dev/null
+++ b/doc/security/password_length_limits.md
@@ -0,0 +1,9 @@
+# Custom password length limits
+
+If you want to enforce longer user passwords you can create an extra Devise initializer with the following steps:
+
+```bash
+cd /home/git/gitlab
+sudo -u git -H cp config/initializers/devise_password_length.rb.example config/initializers/devise_password_length.rb
+sudo -u git -H editor config/initializers/devise_password_length.rb   # inspect and edit the new password length limits
+```
author	Jacob Vosmaer <contact@jacobvosmaer.nl>
	Mon, 13 Jan 2014 09:30:46 +0000 (10:30 +0100)
committer	Jacob Vosmaer <contact@jacobvosmaer.nl>
	Mon, 13 Jan 2014 09:41:10 +0000 (10:41 +0100)
config/initializers/devise_password_length.rb.example	[new file with mode: 0644]	patch \| blob
doc/security/password_length_limits.md	[new file with mode: 0644]	patch \| blob