Breaking: #102023 - Remove security.usePasswordPolicyForFrontendUsers

See forge#102023


The feature toggle security.usePasswordPolicyForFrontendUsers has been removed, because TypoScript-based password validation in ext:felogin has been removed, too.


The password policy configured in $GLOBALS['TYPO3_CONF_VARS']['FE']['passwordPolicy'] is now always active for frontend user records in DataHandler and for the password recovery functionality in ext:felogin.

Affected installations

Installations, where security.usePasswordPolicyForFrontendUsers is deactivated.


To disable the password policy for frontend users, $GLOBALS['TYPO3_CONF_VARS']['FE']['passwordPolicy'] must be set to an empty string. Note, that it is not recommended to disable the password policy on production websites.