FIX Move password complexity requirements into framework

2024-10-22 14:05:37 +02:00 · 2018-11-08 13:23:53 +02:00 · 2018-11-08 13:23:53 +02:00 · cf4b16ed38
commit cf4b16ed38
parent 358cef0cdf
1 changed files with 13 additions and 0 deletions
--- a/_config/passwords.yml
+++ b/_config/passwords.yml
@ -0,0 +1,13 @@
+---
+Name: corepasswords
+---
+SilverStripe\Core\Injector\Injector:
+  SilverStripe\Security\PasswordValidator:
+    properties:
+      MinLength: 8
+      HistoricCount: 6
+
+# In the case someone uses `new PasswordValidator` instead of Injector, provide some safe defaults through config.
+SilverStripe\Security\PasswordValidator:
+  min_length: 8
+  historic_count: 6