What are the default WordPress password requirements?
The minimum requirements are that it passes the zxcvbn library’s strength check. I can’t see a simple summary of their rules. This is registered as script ‘zxcvbn-async’ that you can enqueue / make a dependency of your own scripts, and then you can run the check yourself on the client-side. See password-strength-meter and user-profile.js‘s multiple … Read more