saret/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2025-09-10 10:45:57 +03:00
Code Issues Packages Projects Releases Wiki Activity

Add password_hints_allowed config option

Browse Source 
Disabling password hints is mainly useful for admins who are concerned that
their users might provide password hints that are too revealing.
This commit is contained in:
Jeremy Lin
2022-06-30 20:46:17 -07:00
parent 60b339f450
commit 5e13b1a7cb
3 changed files with 32 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/config.rs
View File

@@ -436,6 +436,8 @@ make_config! {
/// Password iterations |> Number of server-side passwords hashing iterations.
/// The changes only apply when a user changes their password. Not recommended to lower the value
password_iterations: i32, true, def, 100_000;
/// Allow password hints |> Controls whether users can set password hints. This setting applies globally to all users.
password_hints_allowed: bool, true, def, true;
/// Show password hint |> Controls whether a password hint should be shown directly in the web page
/// if SMTP service is not configured. Not recommended for publicly-accessible instances as this
/// provides unauthenticated access to potentially sensitive data.