id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
16860	Provide hooks for password policy	Paul McMillan	Sasha Romijn	"While it is possible to change the validation for new passwords by subclassing the form, I think that Django should provide a more friendly interface for this. We should have a pluggable password authentication framework which enforces no rules by default, but comes with several reasonable example policies which may be enabled.

Problems to be solved include:

 * Informing the user of the various password requirements
 * Allowing policies to chain together smoothly
 * Provide flexibility for complex requirements (some may include their own models)
 * Backwards compatibility
 * Javascript validation assistance (someday, maybe?)
 * HTML5 support (i.e. the pattern attribute)
 * Prevent using email, username or other user attributes as (part of) passwords
 * Prevent reuse of old passwords"	New feature	closed	contrib.auth	dev	Normal	fixed		cmawebsite@…	Accepted	1	0	0	0	0	0