Redirecting users to reset their password if current one doesn't meet strength requirements
Hi Ray, I want to force existing website users to reset their passwords if they don't meet the current updated strength criteria. I've duplicated the current login page to test this and have added a message to it which displays if the user inputs a password that doesn't meet the REGEXP criteria. It works fine, however it also displays that message if they input an incorrect password - it should only display if the password is correct AND too short. I can't see where I'm going wrong - can you help? Page is attached.