
The application fails to enforce password complexity. Most organizations have a password complexity requirement as per their security policy. The username and password are the first gate to enter the application. An attacker gets more time to break the credentials as the password is not complex.

thanks @TheCodeAssassin! our registration page already requires the password to be a minimum of 12 characters. we also block the use of any easy to guess or weak passwords. and we give instant hints to the user on how to make their passwords stronger during the password creation process. you can see it here https://plausible.io/register
