steunix · steunix · Aug 5, 2025 · Aug 5, 2025
diff --git a/api/v1/controllers/util.mjs b/api/v1/controllers/util.mjs
@@ -25,7 +25,7 @@ import DB from '../../../lib/db.mjs'
  */
 export async function generatePassword (req, res, next) {
   const pwd = generator.generate({
-    length: 15,
+    length: Config.get().generated_password_length || 20,
     numbers: true,
     symbols: req?.query?.symbols !== 'false',
     lowercase: true,

diff --git a/config-skel.json b/config-skel.json
@@ -35,5 +35,6 @@
     "max_hours": 168
   },
   "readonly": false,
-  "enable_metrics": true
+  "enable_metrics": true,
+  "generated_password_length": 20
 }
diff --git a/docs/index.md b/docs/index.md
@@ -409,6 +409,7 @@ Copy `config-skel.json` to `config.json` and adjust the options:
   - `max_hours`: Max one-time secrets duration
 - `readonly`: true or false; if true, no write operation is allowed both for admins and regolar users
 - `enable_metrics`: true or false, enables Prometheus formatted metrics
+- `generated_password_length`: length of random generated password, default is 20
 
 ## Environment variables
 

diff --git a/lib/schemas/system_config.json b/lib/schemas/system_config.json
@@ -68,7 +68,8 @@
       "required": [ "max_hours" ]
     },
     "readonly": { "type": "boolean" },
-    "enable_metrics": { "type": "boolean" }
+    "enable_metrics": { "type": "boolean" },
+    "generated_password_length": { "type": "integer", "minimum": 10, "maximum": 50 }
   },
   "required": ["jwt_duration", "listen", "log", "https", "redis", "onetimetokens", "readonly"]
 }