debian-mirror-gitlab/doc/security/passwords_for_integrated_authentication_methods.md

---
stage: Manage
group: Access
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
type: reference
---

# Generated passwords for users created through integrated authentication

GitLab allows users to set up accounts through integration with external [authentication and authorization providers](../administration/auth/README.md).

These authentication methods do not require the user to explicitly create a password for their accounts.
However, to maintain data consistency, GitLab requires passwords for all user accounts.

For such accounts, we use the [`friendly_token`](https://github.com/heartcombo/devise/blob/f26e05c20079c9acded3c0ee16da0df435a28997/lib/devise.rb#L492) method provided by the Devise gem to generate a random, unique and secure password and sets it as the account password during sign up.

The length of the generated password is the set based on the value of [maximum password length](password_length_limits.md#modify-maximum-password-length-using-configuration-file) as set in the Device configuration. The default value is 128 characters.
New upstream version 13.3.8 2020-10-24 23:57:45 +05:30			`---`
New upstream version 13.7.7 2021-02-22 17:27:13 +05:30			`stage: Manage`
			`group: Access`
			`info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments`
New upstream version 13.3.8 2020-10-24 23:57:45 +05:30			`type: reference`
			`---`

			`# Generated passwords for users created through integrated authentication`

			`GitLab allows users to set up accounts through integration with external [authentication and authorization providers](../administration/auth/README.md).`

			`These authentication methods do not require the user to explicitly create a password for their accounts.`
			`However, to maintain data consistency, GitLab requires passwords for all user accounts.`

			For such accounts, we use the [`friendly_token`](https://github.com/heartcombo/devise/blob/f26e05c20079c9acded3c0ee16da0df435a28997/lib/devise.rb#L492) method provided by the Devise gem to generate a random, unique and secure password and sets it as the account password during sign up.

New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`The length of the generated password is the set based on the value of [maximum password length](password_length_limits.md#modify-maximum-password-length-using-configuration-file) as set in the Device configuration. The default value is 128 characters.`