+
Reset your password
+ <%= render "devise/shared/error_messages", resource: resource %>
+ <%= f.hidden_field :reset_password_token %>
-
- <%= f.label :password, "New password" %>
- <% if @minimum_password_length %>
- (<%= @minimum_password_length %> characters minimum)
- <% end %>
- <%= f.password_field :password, autofocus: true, autocomplete: "new-password" %>
-
+
-
- <%= f.label :password_confirmation, "Confirm new password" %>
- <%= f.password_field :password_confirmation, autocomplete: "new-password" %>
-
+
+ <%= f.label :password_confirmation, "Confirm new password", class: "govuk-label" %>
+ <%= f.password_field :password_confirmation, autocomplete: "new-password", class: "govuk-input" %>
+
-
- <%= f.submit "Change my password" %>
+ <%= f.submit "Reset password", class: "govuk-button" %>
+
<% end %>
-
-<%= render "devise/shared/links" %>
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index dc6872604..3c359b079 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -178,7 +178,7 @@ Devise.setup do |config|
# ==> Configuration for :validatable
# Range for password length.
- config.password_length = 6..128
+ config.password_length = 8..128
# Email regex used to validate email formats. It simply asserts that
# one (and only one) @ exists in the given string. This is mainly
@@ -224,7 +224,7 @@ Devise.setup do |config|
# Time interval you can reset your password with a reset password key.
# Don't put a too small interval or your users won't have the time to
# change their passwords.
- config.reset_password_within = 6.hours
+ config.reset_password_within = 3.hours
# When set to false, does not sign a user in automatically after their password is
# reset. Defaults to true, so a user is signed in automatically after a reset.