From 69d73c17350b2013f75bb3ea6d26b0a3196209f1 Mon Sep 17 00:00:00 2001 From: Sozial-KI Date: Mon, 22 Sep 2025 12:19:08 +0200 Subject: [PATCH 1/2] docs: Explain config of password policy feature --- docs/getting-started/env-configuration.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/docs/getting-started/env-configuration.md b/docs/getting-started/env-configuration.md index 30843c7af3..d7d191bad6 100644 --- a/docs/getting-started/env-configuration.md +++ b/docs/getting-started/env-configuration.md @@ -76,6 +76,14 @@ Failure to set WEBUI_URL before using OAuth/SSO will result in failure to log in - Default: `False` - Description: If set to True, a "Confirm Password" field is added to the sign-up page to help users avoid typos when creating their password. + +#### `ENABLE_ENFORCE_PASSWORD_POLICY` + +- Type: `bool` +- Default: `False` +- Description: Enforces a basic password policy when users sign up, change their password and when they are created or updated through the API. +- Persistence: This environment variable is a `PersistentConfig` variable + #### `ENABLE_LOGIN_FORM` - Type: `bool` From 6b1551d049ffa7e72bcdda0656edc0f830d1372d Mon Sep 17 00:00:00 2001 From: Sozial-KI Date: Fri, 10 Oct 2025 20:45:36 +0200 Subject: [PATCH 2/2] docs: update password policy config options --- docs/getting-started/env-configuration.md | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/docs/getting-started/env-configuration.md b/docs/getting-started/env-configuration.md index d7d191bad6..11717c9719 100644 --- a/docs/getting-started/env-configuration.md +++ b/docs/getting-started/env-configuration.md @@ -81,8 +81,23 @@ Failure to set WEBUI_URL before using OAuth/SSO will result in failure to log in - Type: `bool` - Default: `False` -- Description: Enforces a basic password policy when users sign up, change their password and when they are created or updated through the API. -- Persistence: This environment variable is a `PersistentConfig` variable +- Description: Enforces a password policy when users sign up, change their password, or are managed via the API.When enabled, passwords must contain at least one uppercase letter, one lowercase letter, one digit, and one special symbol. The minimum length and the set of allowed symbols can be configured using `USER_PASSWORD_MIN_LENGTH` and `USER_PASSWORD_POLICY_SYMBOLS` respectively. +- Persistence: This environment variable is a `PersistentConfig` variable. + +#### `USER_PASSWORD_MIN_LENGTH` + +- Type: `int` +- Default: `12` +- Description: Sets the minimum required password length when `ENABLE_ENFORCE_PASSWORD_POLICY` is active. +- Persistence: This environment variable is a `PersistentConfig` variable. + +#### `USER_PASSWORD_POLICY_SYMBOLS` + +- Type: `str` +- Default: `!@#$%^&*` +- Description: Defines the set of special characters from which at least one must be included in the password when `ENABLE_ENFORCE_PASSWORD_POLICY` is active. +- Persistence: This environment variable is a `PersistentConfig` variable. + #### `ENABLE_LOGIN_FORM`