Skip to content

Disable password confirmation during registration

Samet Gunaydin edited this page Sep 14, 2019 · 5 revisions

Some users wants to make the registration process shorter and easier. One of the fields that can be removed is the Password confirmation.

Easiest solution is: you can simply remove the password_confirmation field from the registration form located at devise/registrations/new.html.erb (new.html.haml if you are using HAML), which disables the need to confirm the password entirely!

The reason for this lies in lib/devise/models/validatable.rb in the Devise source:

Note that the validation is only triggered if password_required? returns true, and password_required? will return false if the password_confirmation field is nil.

Because when the password_confirmation field is present in the form, it will always be included in the parameters hash, as an empty string if it is left blank, the validation is triggered. However, if you remove the input from the form, the password_confirmation in the params will be nil, and therefore the validation will not be triggered.

Inspired by @mistertim in stackoverflow

It may not be enough to just remove the password_confirmation field from the registration form. You may get confirmation error near the password field. (Password confirmation doesn't match Password)

= f.input_field :password, required: true, class: 'form-control', validate: true

If you use validate: true

https://github.com/plataformatec/devise/blob/098345aace53d4ddf88e04f1eb2680e2676e8c28/lib/devise/models/validatable.rb#L41

password_required? method will return true and presence and confirmation validations will be added to the input element.

You should use validate: { presence: true, length: true, confirmation: false }

Source: https://stackoverflow.com/a/6040520/2015025

Clone this wiki locally