User password policy
A password policy is a set of rules designed to enhance computer security by encouraging users to employ strong passwords and use them properly.
In the security-section of your administrator-settings you can configure
a minimal length of a password. Default is 10 characters.
a password history
a password expiration period
a lockout policy
to forbid common passwords like ‘password’ or ‘login’.
to enforce upper and lower case characters
to enforce numeric characters
to enforce special characters like ! or :
to check the password against the list of breached passwords from haveibeenpwnd.com (hashed check via haveibeenpwnd.com-API)