Enforce password complexity

Server operators should implement LDAP, AD, IAM as best practice where possible. Two factor authentication is strongly advised.