...
Currently The integration points are at plugins those implement UserAuthenticator wile encoding a given password.
...
<bean id="passwordChecker" class="org.apache.cloudstack.security.password.PasswordCheckerImpl">
<property name="name" value="DEFAULTPASSWORDCHECKER"/>
<!-- Comment any of the below sections you want modify if you are having requirements which are differing with default values -->
<!-- property name="minLength" value="8"/ -->
<!-- property name="maxLength" value="16"/ -->
<!-- property name="passwordCheckerPropertiesFile" value="password-checker.properties"/ -->
</bean>
It has the following property file to change the password strength rules.
The password strength is calculated based on the following algorithm: