I recently had a client who had very precise requirements on passwords.   They wanted each password to be at least 8 characters long and contain at least one capital and one lower case alphabetic character, as well as at least on enumeric and one special character.

Dotnetnuke can handle all of these requirements but it took some researching to figure out how to exactly implement the changes.  

For all of these changes we are heading to the web.config for your Dotnetnuke install.

Locate the line of the configuration that starts with

We are going to modify the properties and add some additional properties for our needs.

First we are going to set the minRequiredPasswordLength="8" because that will meet the needs for each password to be at least 8 characters long.

Then we change minRequiredNonalphanumericCharacters="1" to 1 becuase that indicates we require at least one special character.

Finally, we add a regular expression that meets the other requirements passwordStrengthRegularExpression="(?=^.{6,10}$)(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[!@#$%^&*()_+}{":;'?/>.<,])(?!.*\s).*$"

This property doesn't exist in the DNN web.config but can be added.  For information on the regular expression.  For more information on the regular expression please visit the following link http://davidhayden.com/blog/dave/archive/2004/09/25/501.aspx