Would this feature enforce the “Special characters” requirement when the database connection “Password Strength” policy is “good” or higher?
AFAICS this isn’t enforced when using Create User API even though “No more than 2 identical characters in a row” is enforced when policy is “excellent”.
I’m definitely +1 for this, even though the current NIST guidelines say that we:
[SHOULD] NOT impose other composition rules (e.g., requiring mixtures of different character types) for passwords.
Related: