How is the strength determined? Why can't somebody use 6 characters of any kind? I had somebody register and their password meet the quota but it would always tell them it wasn't stong enough.

There are two sets of validations at work for the password field. The first one is the spry validation, this will be triggered if you enter less than 6 characters into the field. This is controlled in the spry code at the bottom of the page:


var sprypassword1 = new Spry.Widget.ValidationPassword("sprypassword1", {validateOn:["blur"], minChars:6, });


There are also server validations, they are validating for entry length, numbers, and letters. So to pass the server validations you will need at least 6 characters including numbers and letters. Here is the individual server validations that control this, you can remove any one of these that you do not want:

entry length

$WAFV_Errors .= WAValidateEL(((isset($_POST["UserPassword"]))?$_POST["UserPassword"]:"") . "",6,50,true,3);


must contain numbers

$WAFV_Errors .= WAValidateRX(((isset($_POST["UserPassword"]))?$_POST["UserPassword"]:"") . "","/[0-9]/",true,4);


must contain letters

$WAFV_Errors .= WAValidateRX(((isset($_POST["UserPassword"]))?$_POST["UserPassword"]:"") . "","/[a-z,A-Z]/",true,5);

Thanks Eric I think you gave this to me before. But I could not remember where it was.

No problem, now there is just another post that a user could search on with this info so no harm.