Add htconfig setting to disable password_exposed()

2018-03-21 02:35:28 -04:00 · 2018-03-21 02:35:28 -04:00 · 5b4fb945a2
commit 5b4fb945a2
parent 701fd41463
2 changed files with 2 additions and 1 deletions
--- a/doc/htconfig.md
+++ b/doc/htconfig.md
@ -41,6 +41,7 @@ Example: To set the automatic database cleanup process add this line to your .ht
 * **diaspora_test** (Boolean) - For development only. Disables the message transfer.
 * **disable_email_validation** (Boolean) - Disables the check if a mail address is in a valid format and can be resolved via DNS.
 * **disable_url_validation** (Boolean) - Disables the DNS lookup of an URL.
+* **disable_password_exposed** (Boolean) - Disable the exposition check against the remote haveibeenpwned API on password change. Default value is false.
 * **dlogfile - location of the developer log file
 * **dlogip - restricts develop log writes to requests originating from this IP address
 * **frontend_worker_timeout** - Value in minutes after we think that a frontend task was killed by the webserver. Default value is 10.