The default setting in itslearning is 'strong password complexity'. And this is what we recommend.
However, admins can choose a lower level of complexity if that is prefered by the educational organization.
Note: Reducing the complexity of password settings affects the security of all users on the site, regardless of their profile! Therefore, you should be especially careful if you do not have 2-factor-authentication for local admins. (For system admins, 2FA is mandatory).
To do this, access the 'Set password rules' setting:
Admin > Edit global settings > Features and security > Set password rules
- Low - at least 7 characters, no requirements for obligatory characters
- Medium - at least 10 characters including lowercase, uppercase and number(s)
- Strong - at least 13 characters including lowercase, uppercase, number(s) and special character(s)
Require that all users change their password after their next login
If this option is enabled, it will also be set automatically under:
Admin> User and access rights > User account >Password > Must change password on next login.