Security
- Password storage
- Password length limits
- Generated passwords for users created through integrated authentication
- Restrict SSH key technologies and minimum length
- Rate limits
- Webhooks and insecure internal web services
- Information exclusivity
- Reset user password
- Unlock a locked user
- User File Uploads
- How we manage the CRIME vulnerability
- Enforce Two-factor authentication
- Send email confirmation on sign-up
- Security of running jobs
- Proxying images
- CI/CD variables
Securing your GitLab installation
Consider access control features like Sign up restrictions and Authentication options to harden your GitLab instance and minimize the risk of unwanted user account creation.