author | Jeremy Lin <[email protected]> | 2021-07-10 01:20:37 -0700 |
---|---|---|
committer | Jeremy Lin <[email protected]> | 2021-07-10 01:20:37 -0700 |
commit | 8ee5d51bd47279d5b23c409744fab6614af0e918 (patch) | |
tree | 0a9fa71b5b3240abf15aa44d3022cf2318cb2ddd | |
parent | 3968bc8016611cdf9a84db68990f27624ab17889 (diff) | |
download | vaultwarden-8ee5d51bd47279d5b23c409744fab6614af0e918.tar.gz vaultwarden-8ee5d51bd47279d5b23c409744fab6614af0e918.zip |
Disable `show_password_hint` by default
A setting that provides unauthenticated access to potentially sensitive data
shouldn't be enabled by default.
-rw-r--r-- | .env.template | 6 | ||||
-rw-r--r-- | src/config.rs | 7 |
2 files changed, 8 insertions, 5 deletions
diff --git a/.env.template b/.env.template
index 530a6a01..1662080e 100644
--- a/.env.template
+++ b/.env.template
@@ -210,8 +210,10 @@
 ## The change only applies when the password is changed
 # PASSWORD_ITERATIONS=100000
-## Whether password hint should be sent into the error response when the client request it
-# SHOW_PASSWORD_HINT=true
+## Controls whether a password hint should be shown directly in the web page if
+## SMTP service is not configured. Not recommended for publicly-accessible instances
+## as this provides unauthenticated access to potentially sensitive data.
+# SHOW_PASSWORD_HINT=false
 ## Domain settings
 ## The domain must match the address from where you access the server
diff --git a/src/config.rs b/src/config.rs
index 6b4fce59..347b0c5e 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -388,9 +388,10 @@ make_config! {
 /// Password iterations |> Number of server-side passwords hashing iterations.
 /// The changes only apply when a user changes their password. Not recommended to lower the value
 password_iterations: i32, true, def, 100_000;
-/// Show password hints |> Controls if the password hint should be shown directly in the web page.
-/// Otherwise, if email is disabled, there is no way to see the password hint
-show_password_hint: bool, true, def, true;
+/// Show password hint |> Controls whether a password hint should be shown directly in the web page
+/// if SMTP service is not configured. Not recommended for publicly-accessible instances as this
+/// provides unauthenticated access to potentially sensitive data.
+show_password_hint: bool, true, def, false;
 /// Admin page token |> The token used to authenticate in this very same page. Changing it here won't deauthorize the current session
 admin_token: Pass, true, option;
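Review bot: Flipping the default of `show_password_hint` from `true` to `false` in the src/config.rs hunk is the right call, but it silently changes behaviour for existing deployments that never set the variable, and nothing in the hunk surfaces the new risk to operators who keep it enabled. The new doc comment is good; consider also emitting a startup warning when the value is explicitly `true` so the exposure is visible in logs, e.g. `warn!("show_password_hint is enabled: password hints are returned to unauthenticated requests; not recommended for publicly-accessible instances");` placed wherever the project validates its configuration (that code is outside this hunk, if it exists). The `make_config!` block that holds this field starts and ends outside the hunk. The .env.template hunk only mirrors the comment and needs no further change.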