## Devise Devise is a flexible authentication solution for Rails based on Warden. https://github.com/heartcombo/devise ### Avoid user enumeration on registerable Configure Devise against [User Enumeration and Guessable User Account](https://wiki.owasp.org/index.php/Testing_for_User_Enumeration_and_Guessable_User_Account_(OWASP-AT-002)) [How To: Using paranoid mode, avoid user enumeration on registerable](https://github.com/heartcombo/devise/wiki/How-To:-Using-paranoid-mode,-avoid-user-enumeration-on-registerable) Add a πŸ‘πŸ» to make it default: https://github.com/heartcombo/devise/issues/5282 ### Hardening Devise A few basic steps to make your [Devise](https://github.com/heartcombo/devise) setup more secure ! https://ankane.org/hardening-devise