root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity
gitlab-ce/doc/development/compromised_password_detect...

1.5 KiB
Raw Blame History

stage group info title
Software Supply Chain Security Authentication Any user with at least the Maintainer role can merge updates to this content. For details, see https://docs.gitlab.com/development/development_processes/#development-guidelines-review. Compromised password detection development

For information on this feature that are not development-specific, see the feature documentation.

CloudFlare

The CloudFlare leaked credentials detection feature can detect when a request contains compromised credentials, and passes information to the application in the Exposed-Credential-Check header through a managed transform.

GitLab team members can find the CloudFlare Terraform configuration in the GitLab.com infrastructure configuration management repository: https://ops.gitlab.net/gitlab-com/gl-infra/config-mgmt

Additional resources

The Authentication group owns the compromised password detection feature. GitLab team members can join their channel on Slack: #g_sscs_authentication.