summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--docs/sample_config.yaml34
-rw-r--r--synapse/config/password.py34
2 files changed, 54 insertions, 14 deletions
diff --git a/docs/sample_config.yaml b/docs/sample_config.yaml
index 8b8ebfa3d7..0f3c0f5fd5 100644
--- a/docs/sample_config.yaml
+++ b/docs/sample_config.yaml
@@ -996,15 +996,35 @@ password_config:
    #
    #pepper: "EVEN_MORE_SECRET"
 
-   # Password policy.
+   # Define and enforce a password policy. Each parameter is optional, boolean
+   # parameters default to 'false' and integer parameters default to 0.
+   # This is an early implementation of MSC2000.
    #
    #policy:
-   #  enabled: true
-   #  minimum_length: 15
-   #  require_digit: true
-   #  require_symbol: true
-   #  require_lowercase: true
-   #  require_uppercase: true
+      # Whether to enforce the password policy.
+      #
+      #enabled: true
+
+      # Minimum accepted length for a password.
+      #
+      #minimum_length: 15
+
+      # Whether a password must contain at least one digit.
+      #
+      #require_digit: true
+
+      # Whether a password must contain at least one symbol.
+      # A symbol is any character that's not a number or a letter.
+      #
+      #require_symbol: true
+
+      # Whether a password must contain at least one lowercase letter.
+      #
+      #require_lowercase: true
+
+      # Whether a password must contain at least one lowercase letter.
+      #
+      #require_uppercase: true
 
 
 
diff --git a/synapse/config/password.py b/synapse/config/password.py
index 19817110a9..48a38512cb 100644
--- a/synapse/config/password.py
+++ b/synapse/config/password.py
@@ -46,13 +46,33 @@ class PasswordConfig(Config):
            #
            #pepper: "EVEN_MORE_SECRET"
 
-           # Password policy.
+           # Define and enforce a password policy. Each parameter is optional, boolean
+           # parameters default to 'false' and integer parameters default to 0.
+           # This is an early implementation of MSC2000.
            #
            #policy:
-           #  enabled: true
-           #  minimum_length: 15
-           #  require_digit: true
-           #  require_symbol: true
-           #  require_lowercase: true
-           #  require_uppercase: true
+              # Whether to enforce the password policy.
+              #
+              #enabled: true
+
+              # Minimum accepted length for a password.
+              #
+              #minimum_length: 15
+
+              # Whether a password must contain at least one digit.
+              #
+              #require_digit: true
+
+              # Whether a password must contain at least one symbol.
+              # A symbol is any character that's not a number or a letter.
+              #
+              #require_symbol: true
+
+              # Whether a password must contain at least one lowercase letter.
+              #
+              #require_lowercase: true
+
+              # Whether a password must contain at least one lowercase letter.
+              #
+              #require_uppercase: true
         """
generated by cgit-pink 1.4.1 (git 2.36.1) at 2025-01-28 04:15:21 +0000