devise-security 0.14.2 → 0.17.0

data/test/test_secure_validatable_overrides.rb

@@ -0,0 +1,185 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+
+class TestSecureValidatableOverrides < ActiveSupport::TestCase
+  class ::CustomClassPasswordValidator < DeviseSecurity::PasswordComplexityValidator
+    def patterns
+      super.merge(letter: /\p{Alpha}/)
+    end
+  end
+
+  class ::CustomInstancePasswordValidator < DeviseSecurity::PasswordComplexityValidator
+    # Add a pattern for alphanumeric characters. See
+    # [en.yml](file:///./test/dummy/config/locales/en.yml) for translations used in
+    # tests.
+    def patterns
+      super.merge(alnum: /\p{Alnum}/)
+    end
+  end
+
+  class User < ApplicationRecord
+    devise :database_authenticatable, :secure_validatable
+    include ::Mongoid::Mappings if DEVISE_ORM == :mongoid
+  end
+
+  class ClassLevelOverrideUser < User
+    self.allow_passwords_equal_to_email = true
+    self.email_validation = false
+    self.password_complexity = { symbol: 1, letter: 1 }
+    self.password_complexity_validator = 'custom_class_password_validator'
+    self.password_length = 10..100
+  end
+
+  class InstanceLevelOverrideUser < ClassLevelOverrideUser
+    def allow_passwords_equal_to_email
+      true
+    end
+
+    def email_validation
+      false
+    end
+
+    def password_complexity
+      { symbol: 2, alnum: 1 }
+    end
+
+    def password_length
+      11..100
+    end
+
+    def password_complexity_validator
+      'CustomInstancePasswordValidator'
+    end
+  end
+
+  test 'email equal to password can be overridden at the class level' do
+    user = ClassLevelOverrideUser.new(
+      email: 'bob1!@microsoft.com',
+      password: 'bob1!@microsoft.com',
+      password_confirmation: 'bob1!@microsoft.com'
+    )
+
+    assert user.valid?
+  end
+
+  test 'email equal to password can be overridden at the instance level' do
+    user = InstanceLevelOverrideUser.new(
+      email: 'bob1!@microsoft.com',
+      password: 'bob1!@microsoft.com',
+      password_confirmation: 'bob1!@microsoft.com'
+    )
+
+    assert user.valid?
+  end
+
+  test 'email validation can be overridden at the class level' do
+    user = ClassLevelOverrideUser.new(
+      email: 'bob1!@f.com',
+      password: 'Pa3zZ1!!aaaaaa',
+      password_confirmation: 'Pa3zZ1!!aaaaaa'
+    )
+
+    assert user.valid?
+  end
+
+  test 'email validation can be overridden at the instance level' do
+    user = InstanceLevelOverrideUser.new(
+      email: 'bob1!@f.com',
+      password: 'Pa3zZ1!!aaaaaa',
+      password_confirmation: 'Pa3zZ1!!aaaaaa'
+    )
+
+    assert user.valid?
+  end
+
+  test 'password complexity can be overridden at the class level' do
+    user = ClassLevelOverrideUser.new(
+      email: 'bob@microsoft.com',
+      password: 'PASSwordddd',
+      password_confirmation: 'PASSwordddd'
+    )
+
+    assert user.invalid?
+    assert_equal(
+      ['Password must contain at least one punctuation mark or symbol'],
+      user.errors.full_messages
+    )
+  end
+
+  test 'password complexity can be overridden at the instance level' do
+    user = InstanceLevelOverrideUser.new(
+      email: 'bob@microsoft.com',
+      password: 'PASSwordddd',
+      password_confirmation: 'PASSwordddd'
+    )
+
+    assert user.invalid?
+    assert_equal(
+      ['Password must contain at least 2 punctuation marks or symbols'],
+      user.errors.full_messages
+    )
+  end
+
+  test 'password length can be overridden at the class level' do
+    user = ClassLevelOverrideUser.new(
+      email: 'bob@microsoft.com',
+      password: 'Pa3zZ1!',
+      password_confirmation: 'Pa3zZ1!'
+    )
+
+    assert user.invalid?
+    assert_equal(
+      ['Password is too short (minimum is 10 characters)'],
+      user.errors.full_messages
+    )
+  end
+
+  test 'password length can be overridden at the instance level' do
+    user = InstanceLevelOverrideUser.new(
+      email: 'bob@microsoft.com',
+      password: 'Pa3zZ1!!',
+      password_confirmation: 'Pa3zZ1!!'
+    )
+
+    assert user.invalid?
+    assert_equal(
+      ['Password is too short (minimum is 11 characters)'],
+      user.errors.full_messages
+    )
+  end
+
+  test 'password validator can be overridden at the instance level' do
+    password = '!' * 11 # 11 characters, all symbols
+    user = InstanceLevelOverrideUser.new(
+      email: 'bob@microsoft.com',
+      password: password,
+      password_confirmation: password
+    )
+
+    assert user.invalid?
+    # This validation error only occurs when the CustomInstancePasswordValidator
+    # is used.
+    assert_equal(
+      ['Password must contain at least one letter or number'],
+      user.errors.full_messages
+    )
+  end
+
+  test 'password validator can be overridden at the class level' do
+    password = '!' * 10 # 10 characters, all symbols
+    user = ClassLevelOverrideUser.new(
+      email: 'bob@microsoft.com',
+      password: password,
+      password_confirmation: password
+    )
+
+    assert user.invalid?
+    # This validation error only occurs when the CustomClassPasswordValidator
+    # is used.
+    assert_equal(
+      ['Password must contain at least one letter'],
+      user.errors.full_messages
+    )
+  end
+end

data/test/test_session_limitable.rb

@@ -1,6 +1,32 @@
+# frozen_string_literal: true
+
 require 'test_helper'
 
 class TestSessionLimitable < ActiveSupport::TestCase
+  class ModifiedUser < User
+    def skip_session_limitable?
+      true
+    end
+  end
+
+  test 'check is not skipped by default' do
+    user = User.create email: 'bob@microsoft.com', password: 'password1', password_confirmation: 'password1'
+    assert_equal(false, user.skip_session_limitable?)
+  end
+
+  test 'default check can be overridden by record instance' do
+    modified_user = ModifiedUser.create email: 'bob2@microsoft.com', password: 'password1', password_confirmation: 'password1'
+    assert_equal(true, modified_user.skip_session_limitable?)
+  end
+
+  class SessionLimitableUser < User
+    devise :session_limitable
+    include ::Mongoid::Mappings if DEVISE_ORM == :mongoid
+  end
+
+  test 'includes Devise::Models::Compatibility' do
+    assert_kind_of(Devise::Models::Compatibility, SessionLimitableUser.new)
+  end
 
   test '#update_unique_session_id!(value) updates valid record' do
     user = User.create! password: 'passWord1', password_confirmation: 'passWord1', email: 'bob@microsoft.com'
@@ -25,7 +51,7 @@ class TestSessionLimitable < ActiveSupport::TestCase
 
   test '#update_unique_session_id!(value) raises an exception on an unpersisted record' do
     user = User.create
-    assert !user.persisted?
+    assert_not user.persisted?
     assert_raises(Devise::Models::Compatibility::NotPersistedError) { user.update_unique_session_id!('unique_value') }
   end
 end

data/test/tmp/config/initializers/devise_security.rb

@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+
+Devise.setup do |config|
+  # ==> Security Extension
+  # Configure security extension for devise
+
+  # Should the password expire (e.g 3.months)
+  # config.expire_password_after = false
+
+  # Need 1 char each of: A-Z, a-z, 0-9, and a punctuation mark or symbol
+  # You may use "digits" in place of "digit" and "symbols" in place of
+  # "symbol" based on your preference
+  # config.password_complexity = { digit: 1, lower: 1, symbol: 1, upper: 1 }
+
+  # How many passwords to keep in archive
+  # config.password_archiving_count = 5
+
+  # Deny old passwords (true, false, number_of_old_passwords_to_check)
+  # Examples:
+  # config.deny_old_passwords = false # allow old passwords
+  # config.deny_old_passwords = true # will deny all the old passwords
+  # config.deny_old_passwords = 3 # will deny new passwords that matches with the last 3 passwords
+  # config.deny_old_passwords = true
+
+  # enable email validation for :secure_validatable. (true, false, validation_options)
+  # dependency: see https://github.com/devise-security/devise-security/blob/master/README.md#e-mail-validation
+  # config.email_validation = true
+
+  # captcha integration for recover form
+  # config.captcha_for_recover = true
+
+  # captcha integration for sign up form
+  # config.captcha_for_sign_up = true
+
+  # captcha integration for sign in form
+  # config.captcha_for_sign_in = true
+
+  # captcha integration for unlock form
+  # config.captcha_for_unlock = true
+
+  # captcha integration for confirmation form
+  # config.captcha_for_confirmation = true
+
+  # Time period for account expiry from last_activity_at
+  # config.expire_after = 90.days
+
+  # Allow password to equal the email
+  # config.allow_passwords_equal_to_email = false
+end

data/test/tmp/config/locales/devise.security_extension.by.yml

@@ -0,0 +1,49 @@
+by:
+  errors:
+    messages:
+      taken_in_past: 'ужо раней выкарыстоўваўся.'
+      equal_to_current_password: 'павінен адрознівацца ад сучаснага пароля.'
+      equal_to_email: 'павінна адрознівацца ад электроннай пошты.'
+      password_complexity:
+        digit:
+          one: 'павінен утрымліваць хоць адну лічбу'
+          few: 'павінен утрымліваць хоць %{count} лічбы'
+          many: 'павінен утрымліваць хоць %{count} лічбы'
+          other: 'павінен утрымліваць хоць %{count} лічбы'
+        lower:
+          one: 'павінен утрымліваць хоць адну маленькую літару'
+          few: 'павінен утрымліваць хоць %{count} малыx літары'
+          many: 'павінен утрымліваць хоць %{count} малыx літары'
+          other: 'павінен утрымліваць хоць %{count} малыx літары'
+        symbol:
+          one: 'павінен утрымліваць хоць адзін знак пунктуацыі або сімвал'
+          few: 'павінен утрымліваць хоць %{count} знака пунктуацыі або сімвала'
+          many: 'павінен утрымліваць хоць %{count} знака пунктуацыі або сімвала'
+          other: 'павінен утрымліваць хоць %{count} знака пунктуацыі або сімвала'
+        upper:
+          one: 'павінен утрымліваць хоць адну вялікую літару'
+          few: 'павінен утрымліваць хоць %{count} вялікіx літары'
+          many: 'павінен утрымліваць хоць %{count} вялікіx літары'
+          other: 'павінен утрымліваць хоць %{count} вялікіx літары'
+  devise:
+    invalid_captcha: 'Уведзены няправільны код капчы.'
+    invalid_security_question: 'Адказ на сакрэтнае пытанне быў няправільны.'
+    paranoid_verify:
+      code_required: 'Калі ласка, увядзіце код, атрыманы ад нашай каманды падтрымкі'
+    paranoid_verification_code:
+      show:
+        submit_verification_code: 'Увод кода пацверджання'
+        verification_code: 'Код пацверджання'
+        submit: 'Адправіць'
+    password_expired:
+      updated: 'Ваш новы пароль захаваны.'
+      change_required: 'Ваш пароль састарэў. Калі ласка, усталюйце новы.'
+      show:
+        renew_your_password: 'Змена пароля'
+        current_password: 'Сучасны пароль'
+        new_password: 'Новы пароль'
+        new_password_confirmation: 'Пацвердзіце новы пароль'
+        change_my_password: 'Змяніць пароль'
+    failure:
+      session_limited: 'Вашы параметры ўваходу выкарыстоўваюцца ў іншым браўзэры. Калі ласка, аўтарызуйцеся зноў, каб працягнуць у гэтым браўзэры.'
+      expired: 'Ваш уліковы запіс састарэў з-за неактыўнасці. Калі ласка, звяжыцеся з адміністратарам.'

data/test/tmp/config/locales/devise.security_extension.cs.yml

@@ -0,0 +1,41 @@
+cs:
+  errors:
+    messages:
+      taken_in_past: bylo již použito v minulosti.
+      equal_to_current_password: se musí lišit od aktuálního hesla.
+      equal_to_email: musí být jiný než e-mail.
+      password_complexity:
+        digit:
+          one: musí obsahovat alespoň jednu číslici
+          other: musí obsahovat alespoň %{count} číslice
+        lower:
+          one: musí obsahovat alespoň jedno malé písmeno
+          other: musí obsahovat alespoň %{count} malé písmena
+        symbol:
+          one: musí obsahovat alespoň jedno interpunkční znaménko nebo symbol
+          other: musí obsahovat alespoň %{count} interpunkční znaménka nebo symboly
+        upper:
+          one: musí obsahovat alespoň jedno velké písmeno
+          other: musí obsahovat alespoň %{count} velké písmena
+  devise:
+    invalid_captcha: Chybná captcha.
+    invalid_security_question: Chybná odpověď na bezpečnostní otázku.
+    paranoid_verify:
+      code_required: Zadejte kód, který poskytla naše podpora
+    paranoid_verification_code:
+      show:
+        submit_verification_code: Odeslat ověřovací kód
+        verification_code: Ověřovací kód
+        submit: Odeslat
+    password_expired:
+      updated: Vaše nové heslo bylo uloženo.
+      change_required: Platnost Vašeho hesla vypršela. Prosím, obnovte si jej.
+      show:
+        renew_your_password: Obnovit heslo
+        current_password: Současné heslo
+        new_password: Nové heslo
+        new_password_confirmation: Potvrďte nové heslo
+        change_my_password: Změnit moje heslo
+    failure:
+      session_limited: Vaše přihlašovací údaje byly použity v jiném prohlížeči. Chcete-li pokračovat v tomto prohlížeči, znovu se přihlaste.
+      expired: Platnost Vašeho účtu vypršela z důvodu nečinnosti. Obraťte se na správce webu.

data/test/tmp/config/locales/devise.security_extension.de.yml

@@ -0,0 +1,41 @@
+de:
+  errors:
+    messages:
+      taken_in_past: 'wurde bereits in der Vergangenheit verwendet.'
+      equal_to_current_password: 'darf nicht dem aktuellen Passwort entsprechen.'
+      equal_to_email: 'darf nicht dem E-mail entsprechen.'
+      password_complexity:
+        digit:
+          one: muss mindestens eine Ziffer enthalten
+          other: muss mindestens %{count} Ziffern enthalten
+        lower:
+          one: muss mindestens einen Kleinbuchstaben enthalten
+          other: muss mindestens %{count} Kleinbuchstaben enthalten
+        symbol:
+          one: muss mindestens ein Sonderzeichen enthalten
+          other: muss mindestens %{count} Sonderzeichen enthalten
+        upper:
+          one: muss mindestens einen Großbuchstaben enthalten
+          other: muss mindestens %{count} Großbuchstaben enthalten
+  devise:
+    invalid_captcha: 'Die Captcha-Eingabe ist nicht gültig.'
+    invalid_security_question: 'Die Antwort auf die Sicherheitsfrage war ungültig.'
+    paranoid_verify:
+      code_required: 'Bitte geben Sie den Code ein, den unser Support-Team zur Verfügung gestellt hat.'
+    paranoid_verification_code:
+      show:
+        submit_verification_code: Bestätigungscode eingeben
+        verification_code: Bestätigungscode
+        submit: Bestätigen
+    password_expired:
+      updated: 'Das neue Passwort wurde übernommen.'
+      change_required: 'Ihr Passwort ist abgelaufen. Bitte vergeben Sie ein neues Passwort.'
+      show:
+        renew_your_password: Vergeben Sie ein neues Passwort
+        current_password: Aktuelles Passwort
+        new_password: Neues Passwort
+        new_password_confirmation: Passwort bestätigen
+        change_my_password: Passwort ändern
+    failure:
+      session_limited: 'Ihre Anmeldedaten wurden in einem anderen Browser genutzt. Bitte melden Sie sich erneut an, um in diesem Browser fortzufahren.'
+      expired: 'Ihr Account ist aufgrund zu langer Inaktivität abgelaufen. Bitte kontaktieren Sie den Administrator.'

data/test/tmp/config/locales/devise.security_extension.en.yml

@@ -0,0 +1,42 @@
+en:
+  errors:
+    messages:
+      taken_in_past: 'was used previously.'
+      equal_to_current_password: 'must be different than the current password.'
+      equal_to_email: 'must be different than the email.'
+      password_complexity:
+        digit:
+          one: must contain at least one digit
+          other: must contain at least %{count} digits
+        lower:
+          one: must contain at least one lower-case letter
+          other: must contain at least %{count} lower-case letters
+        symbol:
+          one: must contain at least one punctuation mark or symbol
+          other: must contain at least %{count} punctuation marks or symbols
+        upper:
+          one: must contain at least one upper-case letter
+          other: must contain at least %{count} upper-case letters
+  devise:
+    invalid_captcha: 'The captcha input was invalid.'
+    invalid_security_question: 'The security question answer was invalid.'
+    paranoid_verify:
+      code_required: 'Please enter the code our support team provided'
+    paranoid_verification_code:
+      updated: Verification code accepted
+      show:
+        submit_verification_code: Submit verification code
+        verification_code: Verification code
+        submit: Submit
+    password_expired:
+      updated: 'Your new password is saved.'
+      change_required: 'Your password is expired. Please renew your password.'
+      show:
+        renew_your_password: Renew your password
+        current_password: Current password
+        new_password: New password
+        new_password_confirmation: Confirm new password
+        change_my_password: Change my password
+    failure:
+      session_limited: 'Your login credentials were used in another browser. Please sign in again to continue in this browser.'
+      expired: 'Your account has expired due to inactivity. Please contact the site administrator.'

data/test/tmp/config/locales/devise.security_extension.es.yml

@@ -0,0 +1,30 @@
+es:
+  errors:
+    messages:
+      taken_in_past: 'la contraseña fue usada previamente, por favor elige otra.'
+      equal_to_current_password: 'tiene que ser diferente a la contraseña actual.'
+      equal_to_email: 'tiene que ser diferente al email'
+      password_complexity:
+        digit:
+          one: tiene que contener al menos un dígito
+          other: tiene que contener al menos %{count} dígitos
+        lower:
+          one: tiene que contener al menos una minúscula
+          other: tiene que contener al menos %{count} minúsculas
+        symbol:
+          one: tiene que contener al menos un signo de puntuación
+          other: tiene que contener al menos %{count} signos de puntuación
+        upper:
+          one: tiene que contener al menos una mayúscula
+          other: tiene que contener al menos %{count} mayúsculas
+  devise:
+    invalid_captcha: 'El captcha ingresado es inválido.'
+    invalid_security_question: 'La respuesta a la pregunta de seguridad fue incorrecta.'
+    paranoid_verify:
+      code_required: 'Por favor ingrese el código provisto por nuestro equipo de soporte'
+    password_expired:
+      updated: 'Su nueva contraseña ha sido guardada.'
+      change_required: 'Su contraseña ha expirado. Por favor renueve su contraseña.'
+    failure:
+      session_limited: 'Sus credenciales de inicio de sesión fueron usadas en otro navegador. Por favor inicie sesión nuevamente para continuar en este navegador.'
+      expired: 'Su cuenta ha expirado debido a inactividad. Por favor contacte al administrador de la aplicación.'

data/test/tmp/config/locales/devise.security_extension.fa.yml

@@ -0,0 +1,41 @@
+fa:
+  errors:
+    messages:
+      taken_in_past: 'قبلا استفاده شده است'
+      equal_to_current_password: 'باید متفاوت با رمز عبور فعلی باشد'
+      equal_to_email: 'باید متفاوت از ایمیل باشد'
+      password_complexity:
+        digit:
+          one: باید حداقل یک رقم داشته باشد
+          other: باید حداقل %{count} عدد داشته باشد
+        lower:
+          one: باید حداقل شامل یک حرف کوچک باشد
+          other: باید حداقل %{count} حروف کوچک داشته باشد
+        symbol:
+          one: باید حداقل دارای یک علامت یا کارکتر خاص باشد
+          other: باید حداقل دارای %{count} علائم یا کارکتر های خاص باشد
+        upper:
+          one: باید حداقل یک حرف بزرگ داشته باشد
+          other: باید حداقل %{count} حروف بزرگ داشته باشد
+  devise:
+    invalid_captcha: 'اطلاعات وارد شده در کپچا نامعتبر بود'
+    invalid_security_question: 'پاسخ سوال امنیتی نامعتبر بود'
+    paranoid_verify:
+      code_required: 'لطفاً کدی را که تیم پشتیبانی ما ارائه کرده است وارد کنید'
+    paranoid_verification_code:
+      show:
+        submit_verification_code: ارسال کد تاییدیه
+        verification_code: کد تاییدیه
+        submit: ارسال
+    password_expired:
+      updated: 'رمز جدید شما ذخیره شده است'
+      change_required: 'رمز عبور شما منقضی شده است ،لطفاً رمز خود را تمدید کنید'
+      show:
+        renew_your_password: ساختن رمز عبور جدید
+        current_password: رمز عبور جاری
+        new_password: رمز عبور جدید
+        new_password_confirmation: تکرار رمز جدید
+        change_my_password: تغییر رمز عبور
+    failure:
+      session_limited: 'از اطلاعات ورود شما در مرورگر دیگری استفاده شده است، برای ادامه در این مرورگر لطفاً دوباره وارد سیستم شوید'
+      expired: 'حساب شما به دلیل عدم فعالیت منقضی شده است، لطفاً با مدیر سایت تماس بگیرید.'

data/test/tmp/config/locales/devise.security_extension.fr.yml

@@ -0,0 +1,30 @@
+fr:
+  errors:
+    messages:
+      taken_in_past: a été utilisé trop récemment. Veuillez en choisir un autre
+      equal_to_current_password: doit être différent de l'actuel
+      equal_to_email: doit être différent de l'e-mail
+      password_complexity:
+        digit:
+          one: doit contenir au moins un chiffre
+          other: doit contenir au moins %{count} chiffres
+        lower:
+          one: doit contenir au moins une lettre miniscule
+          other: doit contenir au moins %{count} lettres miniscules
+        symbol:
+          one: doit contenir au moins un signe de ponctuation
+          other: doit contenir au moins %{count} signes de ponctuation
+        upper:
+          one: doit contenir au moins une lettre majuscule
+          other: doit contenir au moins %{count} lettres majuscules
+  devise:
+    invalid_captcha: Le captcha n'est pas valide
+    invalid_security_question: La réponse à la question de sécurité est invalide
+    paranoid_verify:
+      code_required: Veuillez entrer le code fourni par notre équipe de support
+    password_expired:
+      updated: Votre nouveau mot de passe est enregistré
+      change_required: Votre mot de passe a expiré. Veuillez en choisir un autre
+    failure:
+      session_limited: Vos identifiants de connexion ont été utilisés dans un autre navigateur. Veuillez vous reconnecter pour continuer dans ce navigateur
+      expired: Votre compte a expiré pour cause d'inactivité. Veuillez contacter l'administrateur du site

data/test/tmp/config/locales/devise.security_extension.hi.yml

@@ -0,0 +1,42 @@
+
+hi:
+  errors:
+    messages:
+      taken_in_past: यह पासवर्ड, आपके द्वारा पूर्व मे प्रयोग किया जा चुका है
+      equal_to_current_password: नया पासवर्ड, वर्तमान पासवर्ड से भिन्न होना चाहिए
+      equal_to_email: ईमेल से अलग होना चाहिए
+      password_complexity:
+        digit:
+          one: एक अंक होना चाहिए
+          other: कम से कम %{count} अंक होने चाहिए
+        lower:
+          one: एक लोअर-केस अक्षर होना चाहिए
+          other: कम से कम %{count} अक्षर होने चाहिए
+        symbol:
+          one: एक चिन्ह होना चाहिए
+          other: कम से कम %{count} चिन्ह होने चाहिए
+        upper:
+          one: एक अपर-केस अक्षर होना चाहिए
+          other: कम से कम %{count} अपर-केस अक्षर होने चाहिए
+  devise:
+    invalid_captcha: अमान्य कॅप्टचा
+    invalid_security_question: अमान्य सुरक्षा उत्तर
+    paranoid_verify:
+      code_required: सपोर्ट टीम द्वारा दिया गया कोड डाले
+    paranoid_verification_code:
+      show:
+        submit_verification_code: वेरिफिकेशन कोड डाले
+        verification_code: वेरिफिकेशन कोड
+        submit: सबमिट
+    password_expired:
+      updated: पासवर्ड अद्यतन किया गया
+      change_required: पासवर्ड अमान्य हो चुका, पासवर्ड बदले
+      show:
+        renew_your_password: पासवर्ड बदले
+        current_password: वर्तमान पासवर्ड
+        new_password: नया पासवर्ड
+        new_password_confirmation: नए पासवर्ड की पुष्टि करें
+        change_my_password: पासवर्ड बदले
+    failure:
+      session_limited: जानकारी, दूसरे ब्राउज़र में उपयोग की गयी थी जारी रखने फिर से साइन-इन करे
+      expired: कोई गतिविधि न होने के कारण खाता बंद हो गया, सिस्टम व्यवस्थापक से संपर्क करें

data/test/tmp/config/locales/devise.security_extension.it.yml

@@ -0,0 +1,41 @@
+it:
+  errors:
+    messages:
+      taken_in_past: "è stata gia' utilizzata in passato!"
+      equal_to_current_password: " deve essere differente dalla password corrente!"
+      equal_to_email: "deve essere differente dall'email"
+      password_complexity:
+        digit:
+          one: deve contenere almeno una cifra
+          other: deve contenere almeno %{count} cifre
+        lower:
+          one: deve contenere almeno una lettera minuscola
+          other: deve contenere almeno %{count} lettere minuscole
+        symbol:
+          one: deve contenere almeno un simbolo di punteggiatura o un simbolo speciale
+          other: deve contenere almeno %{count} tra simboli di punteggiatura e simboli speciali
+        upper:
+          one: deve contenere almeno una lettera maiuscola
+          other: deve contenere almeno %{count} lettere maiuscole
+  devise:
+    invalid_captcha: "Il captcha inserito non è valido!"
+    invalid_security_question: 'La risposta alla domanda di sicurezza non è valida.'
+    paranoid_verify:
+      code_required: 'Inserisci il codice fornito dal nostro team di supporto'
+    paranoid_verification_code:
+      show:
+        submit_verification_code: Invia codice di verifica
+        verification_code: Codice di verifica
+        submit: Invia
+    password_expired:
+      updated: "La tua nuova password è stata salvata."
+      change_required: "La tua password è scaduta. Si prega di rinnovarla!"
+      show:
+        renew_your_password: Rinnova la tua password
+        current_password: Password attuale
+        new_password: Nuova password
+        new_password_confirmation: Conferma nuova password
+        change_my_password: Cambia la mia password
+    failure:
+      session_limited: "Hai effettuato l accesso in un altro browser. Fai nuovamente l accesso per connetterti in questo."
+      expired: 'Il tuo account è stato bloccato per inattività. Contatta l amministratore del sito.'