gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
author: GitLab Bot <gitlab-bot@gitlab.com>, 2020-11-19 11:27:35 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com>, 2020-11-19 11:27:35 +0300
commit: 7e9c479f7de77702622631cff2628a9c8dcbc627 (patch)
tree: c8f718a08e110ad7e1894510980d2155a6549197 /doc/security
parent: e852b0ae16db4052c1c567d9efa4facc81146e88 (diff)
Add latest changes from gitlab-org/gitlab@13-6-stable-ee [v13.6.0-rc42]
Diffstat (limited to 'doc/security')
-rw-r--r-- doc/security/README.md | 3
-rw-r--r-- doc/security/asset_proxy.md | 6
-rw-r--r-- doc/security/crime_vulnerability.md | 3
-rw-r--r-- doc/security/information_exclusivity.md | 3
-rw-r--r-- doc/security/password_length_limits.md | 47
-rw-r--r-- doc/security/password_storage.md | 3
-rw-r--r-- doc/security/passwords_for_integrated_authentication_methods.md | 3
-rw-r--r-- doc/security/project_import_decompressed_archive_size_limits.md | 3
-rw-r--r-- doc/security/rack_attack.md | 3
-rw-r--r-- doc/security/rate_limits.md | 3
-rw-r--r-- doc/security/reset_user_password.md | 10
-rw-r--r-- doc/security/two_factor_authentication.md | 22
-rw-r--r-- doc/security/unlock_user.md | 3
-rw-r--r-- doc/security/webhooks.md | 3
14 files changed, 80 insertions, 35 deletions
diff --git a/doc/security/README.md b/doc/security/README.md
index f8b9e423c04..a8947ef3de9 100644
--- a/doc/security/README.md
+++ b/doc/security/README.md
@@ -1,4 +1,7 @@
---
+stage: none
+group: unassigned
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
comments: false
type: index
---
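Review bot: the added `stage: none` and `group: unassigned` values leave the `info:` line pointing readers at a writer lookup that has no stage or group to look up. The same three lines are added to every file under doc/security in this commit; if these pages really have no owning group, say so in `info:` or assign one, so that a report of an error in the security documentation has somewhere to go.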
diff --git a/doc/security/asset_proxy.md b/doc/security/asset_proxy.md
index fdceecdf386..7eb6d5067e2 100644
--- a/doc/security/asset_proxy.md
+++ b/doc/security/asset_proxy.md
@@ -1,3 +1,9 @@
+---
+stage: none
+group: unassigned
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
+---
+
# Proxying assets
A possible security concern when managing a public facing GitLab instance is
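Review bot: the new front matter block in asset_proxy.md has no `type:` key, while the other doc/security files touched by this commit carry one (`type: index`, `type: reference`, `type: howto`). This file is getting its front matter for the first time here, so add a `type:` line now rather than in a follow-up.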
diff --git a/doc/security/crime_vulnerability.md b/doc/security/crime_vulnerability.md
index 2496029d93e..4571f0051d8 100644
--- a/doc/security/crime_vulnerability.md
+++ b/doc/security/crime_vulnerability.md
@@ -1,4 +1,7 @@
---
+stage: none
+group: unassigned
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
type: reference
---
diff --git a/doc/security/information_exclusivity.md b/doc/security/information_exclusivity.md
index 7c3d7284f25..a8c4a4e878e 100644
--- a/doc/security/information_exclusivity.md
+++ b/doc/security/information_exclusivity.md
@@ -1,4 +1,7 @@
---
+stage: none
+group: unassigned
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
type: concepts
---
diff --git a/doc/security/password_length_limits.md b/doc/security/password_length_limits.md
index 5354fe30082..b8d329ab342 100644
--- a/doc/security/password_length_limits.md
+++ b/doc/security/password_length_limits.md
@@ -1,4 +1,7 @@
---
+stage: none
+group: unassigned
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
type: reference, howto
---
@@ -11,11 +14,31 @@ By default, GitLab supports passwords with:
GitLab administrators can modify password lengths:
-- Using configuration file.
-- [From](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20661) GitLab 12.6, using the GitLab UI.
+- Using the GitLab UI. **[From](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20661) GitLab 12.6 this is the only available option.**
+- Using configuration file. **Up to GitLab 12.5**.
+
+Changing the minimum or maximum length does not affect existing user passwords. Existing users are
+not asked to reset their password to adhere to the new limits. The new limit restriction applies
+only during new user sign-ups and when an existing user performs a password reset.
+
+## Modify minimum password length using GitLab UI
+
+> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20661) in GitLab 12.6
+
+The user password length is set to a minimum of 8 characters by default.
+
+To change the minimum password length using GitLab UI:
+
+1. Go to **Admin Area > Settings**, then select **Sign-up restrictions**.
+
+ ![Minimum password length settings](../user/admin_area/img/minimum_password_length_settings_v12_6.png)
+
+1. Input a **Minimum password length** value greater than or equal to 8, then select **Save changes**.
## Modify maximum password length using configuration file
+From GitLab 12.6, the minimum password length set in this configuration file is ignored. Minimum password lengths must instead be modified via the [GitLab UI](#modify-minimum-password-length-using-gitlab-ui).
+
The user password length is set to a maximum of 128 characters by default.
To change that for installations from source:
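Review bot: the rewritten first bullet says that from GitLab 12.6 the UI "is the only available option", but the section "Modify maximum password length using configuration file" stays in the page and the sentence added under it says only the minimum length in that file is ignored from 12.6. As written, an administrator cannot tell whether the maximum length is still configurable by file. Scope each bullet to the limit it controls, for example minimum via the UI from 12.6 and maximum via the configuration file, and drop "Up to GitLab 12.5" from the second bullet if the file still governs the maximum. The second bullet also reads better as "Using the configuration file."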
@@ -39,26 +62,6 @@ To change that for installations from source:
1. [Restart GitLab](../administration/restart_gitlab.md#installations-from-source)
for the changes to take effect.
-NOTE: **Note:**
-From GitLab 12.6, the minimum password length set in this configuration file will be ignored. Minimum password lengths will now have to be modified via the [GitLab UI](#modify-minimum-password-length-using-gitlab-ui) instead.
-
-## Modify minimum password length using GitLab UI
-
-> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/20661) in GitLab 12.6
-
-The user password length is set to a minimum of 8 characters by default.
-To change that using GitLab UI:
-
-In **Admin Area > Settings** (`/admin/application_settings/general`), go to the section **Sign-up restrictions**.
-
-[Minimum password length settings](../user/admin_area/img/minimum_password_length_settings_v12_6.png)
-
-Set the **Minimum password length** to a value greater than or equal to 8 and hit **Save changes** to save the changes.
-
-CAUTION: **Caution:**
-Changing minimum or maximum limit does not affect existing user passwords in any manner. Existing users will not be asked to reset their password to adhere to the new limits.
-The new limit restriction will only apply during new user sign-ups and when an existing user performs a password reset.
-
<!-- ## Troubleshooting
Include any troubleshooting steps that you can foresee. If you know beforehand what issues
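Review bot: the removed `CAUTION:` block comes back in the earlier hunk as a plain paragraph, so the caveat that new limits do not apply to existing passwords loses its callout. For an administrator raising the minimum length, that caveat is the part most likely to be missed, because weaker passwords set before the change stay valid until the user resets them; consider keeping it as a note-level callout. The removed step also gave the path `/admin/application_settings/general`, which the replacement step 1 drops although two_factor_authentication.md still shows it for the same settings page.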
diff --git a/doc/security/password_storage.md b/doc/security/password_storage.md
index 96487a75d8d..ca4d350dc06 100644
--- a/doc/security/password_storage.md
+++ b/doc/security/password_storage.md
@@ -1,4 +1,7 @@
---
+stage: none
+group: unassigned
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
type: reference
---
diff --git a/doc/security/passwords_for_integrated_authentication_methods.md b/doc/security/passwords_for_integrated_authentication_methods.md
index f2597ef1578..4872f26a0ad 100644
--- a/doc/security/passwords_for_integrated_authentication_methods.md
+++ b/doc/security/passwords_for_integrated_authentication_methods.md
@@ -1,4 +1,7 @@
---
+stage: none
+group: unassigned
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
type: reference
---
diff --git a/doc/security/project_import_decompressed_archive_size_limits.md b/doc/security/project_import_decompressed_archive_size_limits.md
index 16821e1f192..9e50290afcc 100644
--- a/doc/security/project_import_decompressed_archive_size_limits.md
+++ b/doc/security/project_import_decompressed_archive_size_limits.md
@@ -1,4 +1,7 @@
---
+stage: none
+group: unassigned
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
type: reference, howto
---
diff --git a/doc/security/rack_attack.md b/doc/security/rack_attack.md
index b386917f399..a84ecc8e47d 100644
--- a/doc/security/rack_attack.md
+++ b/doc/security/rack_attack.md
@@ -1,4 +1,7 @@
---
+stage: none
+group: unassigned
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
type: reference, howto
---
diff --git a/doc/security/rate_limits.md b/doc/security/rate_limits.md
index 9e754cf1917..94cc446c804 100644
--- a/doc/security/rate_limits.md
+++ b/doc/security/rate_limits.md
@@ -1,4 +1,7 @@
---
+stage: none
+group: unassigned
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
type: reference, howto
---
diff --git a/doc/security/reset_user_password.md b/doc/security/reset_user_password.md
index bc8de882afe..66e11587e96 100644
--- a/doc/security/reset_user_password.md
+++ b/doc/security/reset_user_password.md
@@ -1,4 +1,7 @@
---
+stage: none
+group: unassigned
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
type: howto
---
@@ -53,14 +56,15 @@ Don't forget to save the changes.
user.save!
```
-Exit the console and try to login with your new password.
+Exit the console, and then try to sign in with your new password.
NOTE: **Note:**
-Passwords can also be reset via the [Users API](../api/users.md#user-modification)
+You can also reset passwords by using the [Users API](../api/users.md#user-modification).
### Reset your root password
-The steps described above can also be used to reset the root password. But first, identify the root user, with an `id` of `1`. To do so, run the following command:
+The previously described steps can also be used to reset the root password. First,
+identify the root user, with an `id` of `1`. To do so, run the following command:
```shell
user = User.where(id: 1).first
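Review bot: the context fence right after the reworded paragraph is tagged `shell`, but `user = User.where(id: 1).first` is Ruby meant for the console the preceding text tells the reader to exit, not a shell command. Since this hunk already edits the sentence "run the following command", retag the fence as `ruby` and say that it is run in the Rails console, so nobody pastes it into a shell. The `NOTE: **Note:**` wrapper kept here is also inconsistent with password_length_limits.md, where this commit removes that callout style.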
diff --git a/doc/security/two_factor_authentication.md b/doc/security/two_factor_authentication.md
index 995dea7809e..27cc2474b8a 100644
--- a/doc/security/two_factor_authentication.md
+++ b/doc/security/two_factor_authentication.md
@@ -8,22 +8,22 @@ info: To determine the technical writer assigned to the Stage/Group associated w
# Enforce Two-factor Authentication (2FA)
Two-factor Authentication (2FA) provides an additional level of security to your
-users' GitLab account. Once enabled, in addition to supplying their username and
-password to login, they'll be prompted for a code generated by an application on
-their phone.
+users' GitLab account. After being enabled, in addition to supplying their
+username and password to sign in, they'll be prompted for a code generated by an
+application on their phone.
You can read more about it here:
[Two-factor Authentication (2FA)](../user/profile/account/two_factor_authentication.md)
## Enforcing 2FA for all users
-Users on GitLab, can enable it without any admin's intervention. If you want to
-enforce everyone to set up 2FA, you can choose from two different ways:
+Users on GitLab can enable it without any administrator's intervention. If you
+want to enforce everyone to set up 2FA, you can choose from two different ways:
- Enforce on next login.
- Suggest on next login, but allow a grace period before enforcing.
-After the configured grace period has elapsed, users will be able to log in but
+After the configured grace period has elapsed, users will be able to sign in but
won't be able to leave the 2FA configuration area at `/profile/two_factor_auth`.
To enable 2FA for all users:
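Review bot: the terminology change is incomplete in this hunk. The changed lines switch "login" and "log in" to "sign in", but the two unchanged list items still read "Enforce on next login." and "Suggest on next login, but allow a grace period before enforcing." Update both to "sign-in" in the same change. In the first paragraph, "After being enabled, ... they'll be prompted" has no clear subject; "After 2FA is enabled, users are prompted" would be unambiguous, and "users' GitLab account" should be "accounts".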
@@ -32,15 +32,17 @@ To enable 2FA for all users:
(`/admin/application_settings/general`).
1. Expand the **Sign-in restrictions** section, where you can configure both.
-If you want 2FA enforcement to take effect on next login, change the grace
-period to `0`.
+If you want 2FA enforcement to take effect during the next sign-in attempt,
+change the grace period to `0`.
## Enforcing 2FA for all users in a group
If you want to enforce 2FA only for certain groups, you can:
-1. Enable it in the group's **Settings > General** page. Navigate to **Permissions, LFS, 2FA > Two-factor authentication**.
-You can then check the **Require all users in this group to setup Two-factor authentication** option.
+1. Enable it in the group's **Settings > General** page. Navigate to
+ **Permissions, LFS, 2FA > Two-factor authentication**. You can then select
+ the **Require all users in this group to setup Two-factor authentication**
+ option.
1. You can also specify a grace period in the **Time before enforced** option.
To change this setting, you need to be administrator or owner of the group.
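Review bot: in the context step "Expand the **Sign-in restrictions** section, where you can configure both.", the word "both" has no referent in the surrounding text. The paragraph rewritten directly below depends on the reader knowing that the grace period is one of the two settings, so name them in the step (the enforcement option and the grace period). The new sentence "change the grace period to `0`" also gives no unit in the visible lines; state the unit next to the value.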
diff --git a/doc/security/unlock_user.md b/doc/security/unlock_user.md
index bf3bbbb701e..4013bfb7cae 100644
--- a/doc/security/unlock_user.md
+++ b/doc/security/unlock_user.md
@@ -1,4 +1,7 @@
---
+stage: none
+group: unassigned
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
type: howto
---
diff --git a/doc/security/webhooks.md b/doc/security/webhooks.md
index 3d7aa3026ab..2e2fb093916 100644
--- a/doc/security/webhooks.md
+++ b/doc/security/webhooks.md
@@ -1,4 +1,7 @@
---
+stage: none
+group: unassigned
+info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#designated-technical-writers
type: concepts, reference, howto
---