Here we go with some more nifty code for you WordPress developers… As ever, this code is roughly tested but probably not for novices. It’s designed to drop into a custom theme’s functions.php file. It probably should be a plugin, and it might make it one day when it’s thoroughly tested and I get time…
Anyway, it’s a solution to a problem that I’m very surprised isn’t built into the WP core (as an option at least), and isn’t addressed by any easily found plugin or code already out there. As we know, WP provides a good “password strength meter” on the user profile page, which is great as strong passwords are (or should be) one of the first lines of defence against attacks on your site. But it’s just an indicator—there’s nothing stopping someone using “password” as their password, or something dumb like that. All you need is one Administrator or Editor with a dumb password, and the whole site is highly vulnerable.
How about a little enforcement?
Welcome! I build websites - mostly based on the brilliant, free & open 
