silverstripe-webpack/app/_config/security.yml

---
Name: 'webapp-security'
After: 'framework/*, cms/*, security_baseline'
---
SilverStripe\Security\Member:
  lock_out_after_incorrect_logins: 5
  lock_out_delay_mins: 5
  # Password expiry should only happen when the password is leaked (optionally expire automatically if PCI/NIST compliance is required)
  # password_expiry_days: 90
  # instead of password change, we send out a notice on change of password OR Email (notify_account_security_change)
  notify_password_change: false

SilverStripe\Forms\PasswordField:
  autocompleate: false

SilverStripe\Core\Injector\Injector:
  SilverStripe\Security\MemberAuthenticator\LostPasswordHandler:
    class: Site\Extensions\LostPasswordHandlerExtension
  SilverStripe\Security\MemberAuthenticator\MemberLoginForm:
    class: Site\Extensions\SiteMemberLoginForm
IMPR: Some CSS improvements and show password functionality 2021-01-14 16:59:01 +01:00			`---`
			`Name: 'webapp-security'`
			`After: 'framework/, cms/, security_baseline'`
			`---`
			`SilverStripe\Security\Member:`
			`lock_out_after_incorrect_logins: 5`
			`lock_out_delay_mins: 5`
			`# Password expiry should only happen when the password is leaked (optionally expire automatically if PCI/NIST compliance is required)`
			`# password_expiry_days: 90`
			`# instead of password change, we send out a notice on change of password OR Email (notify_account_security_change)`
			`notify_password_change: false`

			`SilverStripe\Forms\PasswordField:`
			`autocompleate: false`

			`SilverStripe\Core\Injector\Injector:`
			`SilverStripe\Security\MemberAuthenticator\LostPasswordHandler:`
			`class: Site\Extensions\LostPasswordHandlerExtension`
			`SilverStripe\Security\MemberAuthenticator\MemberLoginForm:`
			`class: Site\Extensions\SiteMemberLoginForm`