authorJeremy Lin <[email protected]>2021-07-10 01:20:37 -0700
committerJeremy Lin <[email protected]>2021-07-10 01:20:37 -0700
commit8ee5d51bd47279d5b23c409744fab6614af0e918 (patch)
tree0a9fa71b5b3240abf15aa44d3022cf2318cb2ddd
parent3968bc8016611cdf9a84db68990f27624ab17889 (diff)
Disable `show_password_hint` by default
A setting that provides unauthenticated access to potentially sensitive data shouldn't be enabled by default.
-rw-r--r--.env.template6
-rw-r--r--src/config.rs7
2 files changed, 8 insertions, 5 deletions
diff --git a/.env.template b/.env.template
index 530a6a01..1662080e 100644
--- a/.env.template
+++ b/.env.template
@@ -210,8 +210,10 @@
## The change only applies when the password is changed
# PASSWORD_ITERATIONS=100000
-## Whether password hint should be sent into the error response when the client request it
-# SHOW_PASSWORD_HINT=true
+## Controls whether a password hint should be shown directly in the web page if
+## SMTP service is not configured. Not recommended for publicly-accessible instances
+## as this provides unauthenticated access to potentially sensitive data.
+# SHOW_PASSWORD_HINT=false
## Domain settings
## The domain must match the address from where you access the server
diff --git a/src/config.rs b/src/config.rs
index 6b4fce59..347b0c5e 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -388,9 +388,10 @@ make_config! {
/// Password iterations |> Number of server-side passwords hashing iterations.
/// The changes only apply when a user changes their password. Not recommended to lower the value
password_iterations: i32, true, def, 100_000;
- /// Show password hints |> Controls if the password hint should be shown directly in the web page.
- /// Otherwise, if email is disabled, there is no way to see the password hint
- show_password_hint: bool, true, def, true;
+ /// Show password hint |> Controls whether a password hint should be shown directly in the web page
+ /// if SMTP service is not configured. Not recommended for publicly-accessible instances as this
+ /// provides unauthenticated access to potentially sensitive data.
+ show_password_hint: bool, true, def, false;
/// Admin page token |> The token used to authenticate in this very same page. Changing it here won't deauthorize the current session
admin_token: Pass, true, option;
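Review bot: The new doc string on the `show_password_hint` entry drops the fact the removed .env.template comment stated — that the hint is sent back in the error response when a client requests it — and now describes only the web-page display; if that API path is still the way the hint leaves the server when the setting is on, the text should say so, because that is exactly the unauthenticated exposure this commit is guarding against. A wording such as `/// if SMTP service is not configured. When enabled the hint is returned to unauthenticated clients in the` / `/// error response; not recommended for publicly-accessible instances.` would keep that visible to operators, and the same applies to the .env.template hunk. Flipping `def, true` to `def, false` also changes behaviour for existing deployments that never set SHOW_PASSWORD_HINT explicitly, so an upgrade note in the commit message or changelog would help. The enclosing `make_config!` block starts and ends outside the hunk.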