Require min of n characters for passwords
hueniverse opened this issue · comments
@tomsteele can you find a recommended length
I can't find a standard, but brakeman, a widely used Rails source analysis tool will warn if the secret token is less than 30 characters long http://brakemanscanner.org/docs/warning_types/session_setting/. I say we set it to 32.
This thread has been automatically locked due to inactivity. Please open a new issue for related bugs or questions following the new issue template instructions.