You can define Password Policy definitions specific to the application you have developed.
Start by naming the module Password Policy Settings.
The Characters and Size tab allows you to specify the characters that can and/or cannot be used in passwords and the password lengths.
Under Must Contains, you can set whether the password contains lowercase, uppercase, numeric, and special characters, as well as the minimum number of characters. If you also want it to contain special characters, you can set the special characters that can be used.
Under Must NOT Contains, you can set whether the password must not contain certain words (defined as special), consecutive numbers, repeated letters, the user's date of birth and the user's first and last name.
With Password Length you can set the minimum and maximum character lengths.
Through the Locking tab you can set the password expiration time, account lockout on incorrect password entry, CAPTCHA and reuse of the last used password.
Under Password Age you can set the minimum and maximum number of days the password is valid . You can also set how many days before the password expires the user will be notified.
Under Account Lockout , you can set the maximum number of times the password can be entered incorrectly to lock the account for a certain period of time, and set the time it takes to retry entering the password.
Under CAPTCHA , you can set the maximum number of incorrect CAPTCHA attempts and the maximum number of incorrect passwords that can be entered for CAPTCHA to be active.
Under Last Passwords, you can set whether the last password used can be reused when setting a new password and whether the new password will be the same as the last password.