From 3cd0e97b00b4f4ed5c6227653c165119e253fe91 Mon Sep 17 00:00:00 2001 From: Maxim Tkachenko Date: Mon, 14 Oct 2019 22:24:26 +0700 Subject: [PATCH] Password Complexity Checks (#6230) Add password complexity checks. The default settings require a lowercase, uppercase, number and a special character within passwords. Co-Authored-By: T-M-A Co-Authored-By: Lanre Adelowo Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> Co-Authored-By: Lauris BH --- doc/advanced/config-cheat-sheet.en-us.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/doc/advanced/config-cheat-sheet.en-us.md b/doc/advanced/config-cheat-sheet.en-us.md index b927793a..100bb229 100644 --- a/doc/advanced/config-cheat-sheet.en-us.md +++ b/doc/advanced/config-cheat-sheet.en-us.md @@ -208,6 +208,11 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`. - `INTERNAL_TOKEN_URI`: ****: Instead of defining internal token in the configuration, this configuration option can be used to give Gitea a path to a file that contains the internal token (example value: `file:/etc/gitea/internal_token`) - `PASSWORD_HASH_ALGO`: **pbkdf2**: The hash algorithm to use \[pbkdf2, argon2, scrypt, bcrypt\]. - `CSRF_COOKIE_HTTP_ONLY`: **true**: Set false to allow JavaScript to read CSRF cookie. +- `PASSWORD_COMPLEXITY`: **lower,upper,digit,spec**: Comma separated list of character classes required to pass minimum complexity. If left empty or no valid values are specified, the default values will be used. Possible values are: + - lower - use one or more lower latin characters + - upper - use one or more upper latin characters + - digit - use one or more digits + - spec - use one or more special characters as ``][!"#$%&'()*+,./:;<=>?@\^_{|}~`-`` and space symbol. ## OpenID (`openid`)