Update devise-security.rb

In these commits ffe9ac7 0d8def3 we updated the devise-security version.
In these versions the 'password_regex'  configuration key and some comments
were changed.

We update this file in order to use the new configuration key 'password_complexity' and keep comments updated.

config/initializers/devise-security.rb

@@ -3,20 +3,24 @@ Devise.setup do |config|
   # Configure security extension for devise
 
   # Should the password expire (e.g 3.months)
-  # config.expire_password_after = false
   config.expire_password_after = 1.year
 
-  # Need 1 char of A-Z, a-z and 0-9
-  # config.password_regex = /(?=.*\d)(?=.*[a-z])(?=.*[A-Z])/
+  # Need 1 char each of: A-Z, a-z, 0-9, and a punctuation mark or symbol
+  # You may use "digits" in place of "digit" and "symbols" in place of
+  # "symbol" based on your preference
+  # config.password_complexity = { digit: 1, lower: 1, symbol: 1, upper: 1 }
 
   # How many passwords to keep in archive
   # config.password_archiving_count = 5
 
-  # Deny old password (true, false, count)
-  # config.deny_old_passwords = true
+  # Deny old passwords (true, false, number_of_old_passwords_to_check)
+  # Examples:
+  # config.deny_old_passwords = false # allow old passwords
+  # config.deny_old_passwords = true # will deny all the old passwords
+  # config.deny_old_passwords = 3 # will deny new passwords that matches with the last 3 passwords
 
   # enable email validation for :secure_validatable. (true, false, validation_options)
-  # dependency: need an email validator like rails_email_validator
+  # dependency: see https://github.com/devise-security/devise-security/blob/master/README.md#e-mail-validation
   # config.email_validation = true
 
   # captcha integration for recover form
@@ -36,6 +40,9 @@ Devise.setup do |config|
 
   # Time period for account expiry from last_activity_at
   # config.expire_after = 90.days
+
+  # Allow password to equal the email
+  # config.allow_passwords_equal_to_email = false
 end
 
 module Devise