Password complexity requirements

Hi dev team,

I have 2 password-related requirements that I need to implement in DHIS to meet our organization’s security policy:

  1.   Password must contain 3 of the following characters: lowercase letters, uppercase letters, numbers, special characters (it currently only requires uppercase and number)
  2.   Password length requirements need to be set according to user role (e.g. superusers and other administrators must have a 16 character password).

I’m trying to build this functionality in-house and contribute it back to the community, but I need some guidance:

  1.   For the password character requirements, I think I have identified the modifications that need to be made to jquery.validate.ext.js and to add a lowercase condition. I [checked it in here]( Could you review? Would the team be ok with adding this to future versions?
  2.   For the password length by user role, I am not sure how to proceed. Is this something that the community would be interested in? Could you advise on where to start?

Thanks much,


Becky Smith

Development-Operations Specialist

ICAP at Columbia University

Tel: 212.304.7115