Feature: #97390 - Use password policy for password reset in ext:felogin

See forge#97390

Description

The password reset feature for TYPO3 frontend users now takes into account the configurable password policy introduced in #97388, if the feature toggle security.usePasswordPolicyForFrontendUsers is set to true (default for new TYPO3 websites).

Impact

Password validation configured through plugin.tx_felogin_login.settings.passwordValidators has been marked as deprecated, but will still be used for password validation, if the feature toggle security.usePasswordPolicyForFrontendUsers is set to false.

TYPO3 websites, which have the feature toggle security.usePasswordPolicyForFrontendUsers set to true, will use the globally configured password policy when a TYPO3 frontend user resets their password. The TYPO3 default password policy contains the following password requirements:

  • At least 8 chars

  • At least one number

  • At least one upper case char

  • At least one special char

  • Must be different than current password (if available)