diff --git a/Gemfile b/Gemfile
index a5a978e59996b702bd63dbea570914520963c75b..a05b7ed5093db5cb55646c442cdf58572d01244a 100644
--- a/Gemfile
+++ b/Gemfile
@@ -25,7 +25,9 @@ gem 'faraday', '~> 1.0'
 gem 'marginalia', '~> 1.9.0'
 
 # Authentication libraries
-gem 'devise', '~> 4.6'
+gem 'devise', '~> 4.7.2'
+# TODO: verify ARM compile issue on 3.1.13+ version (see https://gitlab.com/gitlab-org/gitlab/-/merge_requests/18828)
+gem 'bcrypt', '3.1.12'
 gem 'doorkeeper', '~> 5.3.0'
 gem 'doorkeeper-openid_connect', '~> 1.7.4'
 gem 'omniauth', '~> 1.8'
diff --git a/Gemfile.lock b/Gemfile.lock
index f1821c9ce9fc076f7813834233d25aae76e77b04..532a8c86f621acab2927fba99c8e72a91e4286af 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -235,7 +235,7 @@ GEM
       thor (>= 0.19, < 2)
       unicode_plot (>= 0.0.4, < 1.0.0)
     device_detector (1.0.0)
-    devise (4.7.1)
+    devise (4.7.3)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 4.1.0)
@@ -1257,6 +1257,7 @@ DEPENDENCIES
   babosa (~> 1.0.2)
   base32 (~> 0.3.0)
   batch-loader (~> 1.4.0)
+  bcrypt (= 3.1.12)
   bcrypt_pbkdf (~> 1.0)
   benchmark-ips (~> 2.3.0)
   benchmark-memory (~> 0.1)
@@ -1282,7 +1283,7 @@ DEPENDENCIES
   default_value_for (~> 3.3.0)
   derailed_benchmarks
   device_detector
-  devise (~> 4.6)
+  devise (~> 4.7.2)
   devise-two-factor (~> 3.1.0)
   diff_match_patch (~> 0.1.0)
   diffy (~> 3.3)