Ask HN: Being a password Nazi
My pet Django project is coming along and I am at the stage of implementing User CRUD. I have already prevented the user from making their password the same as their username but I wanted to ask "what lengths do you suggest I goto to prevent users from creating stupid passwords?". Tons of useful password validation rules here: http://en.wikipedia.org/wiki/Password_policy I'd start with minimum length.