Allow advanced password security requirements

[Alanaktion]

Administrators should be able to specify more advanced password requirements like required character sets, in addition to the minimum length setting that exists now. This is useful for meeting various security standards requirements, but has little actual improvement to security because users can still have terribly insecure passwords no matter what restrictions you impose.