Compromised password detection development

For information on this feature that are not development-specific, see the feature documentation.

CloudFlare

The CloudFlare leaked credentials detection feature can detect when a request contains compromised credentials, and passes information to the application in the Exposed-Credential-Check header through a managed transform.

GitLab team members can find the CloudFlare Terraform configuration in the GitLab.com infrastructure configuration management repository: https://ops.gitlab.net/gitlab-com/gl-infra/config-mgmt

Additional resources

The Authentication group owns the compromised password detection feature. GitLab team members can join their channel on Slack: #g_sscs_authentication.

Post on the GitLab forum

Compromised password detection development

CloudFlare

Additional resources

Help & feedback