Depending on your internal security protocols you might wish to choose another setting for the password security level your users have to fulfil.
In the platform under Admin > Settings > Company Details > Password Settings, you determine the password strength on a scale of 1-5.
Each password level has the same character specifications:
A minimum of 8 characters.
It must include at least 1 letter (uppercase or lowercase).
At least 1 number (0-9).
At least 1 special character (!$#%-_*"€()=?^~).
The further levels are determined by integers as follows below.
Password Security Levels by integers
Scores in the password security levels (1-5) are integers from 0 to 4:
0 means the password is extremely guessable (within 10^3 guesses), dictionary words like 'password' or 'mother' score a 0
1 is still very guessable (guesses < 10^6), an extra character on a dictionary word can score a 1
2 is somewhat guessable (guesses < 10^8), provides some protection from unthrottled online attacks
3 is safely unguessable (guesses < 10^10), offers moderate protection from offline slow-hash scenario
4 is very unguessable (guesses >= 10^10) and provides strong protection from offline slow-hash scenario