diff options
Diffstat (limited to 'config/config.sample.php')
-rw-r--r-- | config/config.sample.php | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/config/config.sample.php b/config/config.sample.php index cd96f002bc9..8c916b197b6 100644 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -319,6 +319,21 @@ $CONFIG = [ 'auth.webauthn.enabled' => true, /** + * Whether encrypted password should be stored in the database + * + * The passwords are only decrypted using the login token stored uniquely in the + * clients and allow to connect to external storages, autoconfigure mail account in + * the mail app and periodically check if the password it still valid. + * + * This might be desirable to disable this functionality when using one time + * passwords or when having a password policy enforcing long passwords (> 300 + * characters). + * + * By default the passwords are stored encrypted in the database. + */ +'auth.storeCryptedPassword' => true, + +/** * By default the login form is always available. There are cases (SSO) where an * admin wants to avoid users entering their credentials to the system if the SSO * app is unavailable. |