Description of the need
I would like a simple way to enforce more secure passwords in Backdrop core. Since a longer password is a stronger password, I would like a minimum length setting for passwords.
Proposed solution
An admin sets a minimum length for passwords

When a password is created that does not meet that minimum, a validation error is thrown asking for a longer one.

Alternatives that have been considered
This a follow up to https://github.com/backdrop/backdrop-issues/issues/4265, where at some point a minimum password length setting was added as a factor in password strength. Both @stpaultim and I recognized it as its own setting, and were surprised when setting a minimum password length still allowed passwords to be created that did not meet the minimum.
Through discussion we realized that the setting we saw -- and that I loved! -- was not intended to be used as a control on allowed password length.
I'm creating this new issue because I still want a password minimum length feature for Backdrop core.
Recent comments
I fixed the usage statistics again today and filed an issue against Project module to fix it permanently: https://github.com/backdrop-contrib/project/issues/66 The short explanation is...
July 16th, 2026 - Weekly Meetings
If there is time, carried over from last week as we didn't have time to look at it then, I would welcome feedback on the approach I've taken to: [A11Y] Update aria role on...
July 16th, 2026 - Weekly Meetings
If there's some time left after discussing code signing (yay!)... 1. Friendly reminder: usage stats are still broken Didn't data get fetched at all (broken parser) or is it a display...
July 16th, 2026 - Weekly Meetings