Added threshold_warning_min_entropy option in docs

joapuiib · joapuiib · commit 17264d358aac · 2024-10-23T18:22:41.000+02:00
diff --git a/README.md b/README.md
@@ -347,6 +347,7 @@ plugins:
         #reload_scripts:
         #  - '#theme'
         password_file: 'passwords.yml' # file with password inventory
+        threshold_warning_min_entropy: 100 # warn if password entropy is below this value
         #kdf_pow: 4 # default for crypto-js: 4, default for webcrypto: 5
         sign_files: 'encryptcontent-plugin.json' # save ed25519 signatures here
         #hash_filenames: # add hash to file names of assets (to make them impossible to guess
@@ -1088,4 +1089,4 @@ all files and verify the signatures.
 As long as the private key used for signing remains secret, the canary script will be able to determine
 if someone tampered with the files on the server. But you should run the canary script from another machine
 that is not related to the server, otherwise the attacker could also modify the canary script and sign with his
-private key instead.
+private key instead.
diff --git a/documentation/docs/usage.md b/documentation/docs/usage.md
@@ -226,6 +226,7 @@ plugins:
         #reload_scripts:
         #  - '#theme'
         password_file: 'passwords.yml' # file with password inventory
+        threshold_warning_min_entropy: 100 # warn if password entropy is below this value
         #kdf_pow: 4 # default for crypto-js: 4, default for webcrypto: 5
         sign_files: 'encryptcontent-plugin.json' # save ed25519 signatures here
         #hash_filenames: # add hash to file names of assets (to make them impossible to guess
