diff --git a/charts/ocis/Chart.yaml b/charts/ocis/Chart.yaml
index f3d3f34c2..4c4f9afff 100644
--- a/charts/ocis/Chart.yaml
+++ b/charts/ocis/Chart.yaml
@@ -10,7 +10,7 @@ maintainers:
     url: https://owncloud.com
 type: application
 version: 0.5.0
-appVersion: 5.0.0-alpha.5
+appVersion: 5.0.0-alpha.6
 kubeVersion: "" # please see https://doc.owncloud.com/ocis/next/deployment/container/orchestration/orchestration.html#get-the-chart for compatible Kubernetes versions
 sources:
   - https://github.com/owncloud/ocis-charts
diff --git a/charts/ocis/README.md b/charts/ocis/README.md
index 9fe3f1cf4..2ddd921f0 100644
--- a/charts/ocis/README.md
+++ b/charts/ocis/README.md
@@ -2,7 +2,7 @@
 [comment]: # (DONT EDIT THIS FILE, it is autogenerated. Instead you need to edit README.md.gotmpl)
 
 # ownCloud Infinite Scale (oCIS) Helm chart
-![Version: 0.5.0](https://img.shields.io/badge/Version-0.5.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0-alpha.5](https://img.shields.io/badge/AppVersion-5.0.0--alpha.5-informational?style=flat-square)
+![Version: 0.5.0](https://img.shields.io/badge/Version-0.5.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 5.0.0-alpha.6](https://img.shields.io/badge/AppVersion-5.0.0--alpha.6-informational?style=flat-square)
 
 Installs [ownCloud Infinite Scale](https://doc.owncloud.com/ocis/next/).
 
diff --git a/charts/ocis/templates/frontend/config.yaml b/charts/ocis/templates/frontend/config.yaml
index f591ff453..23fd93a15 100644
--- a/charts/ocis/templates/frontend/config.yaml
+++ b/charts/ocis/templates/frontend/config.yaml
@@ -2,7 +2,7 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: sharing-banned-passwords
+  name: sharing-banned-passwords-{{ .appName }}
   namespace: {{ template "ocis.namespace" . }}
   labels:
     {{- include "ocis.labels" . | nindent 4 }}
diff --git a/charts/ocis/templates/frontend/deployment.yaml b/charts/ocis/templates/frontend/deployment.yaml
index d0f9f78ae..88c1ccfd5 100644
--- a/charts/ocis/templates/frontend/deployment.yaml
+++ b/charts/ocis/templates/frontend/deployment.yaml
@@ -189,4 +189,4 @@ spec:
           emptyDir: {}
         - name: configs
           configMap:
-            name: sharing-banned-passwords
+            name: sharing-banned-passwords-{{ .appName }}
diff --git a/charts/ocis/templates/sharing/config.yaml b/charts/ocis/templates/sharing/config.yaml
new file mode 100644
index 000000000..9019362cd
--- /dev/null
+++ b/charts/ocis/templates/sharing/config.yaml
@@ -0,0 +1,15 @@
+{{- include "ocis.basicServiceTemplates" (dict "scope" . "appName" "appNameSharing" "appNameSuffix" "") -}}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: sharing-banned-passwords-{{ .appName }}
+  namespace: {{ template "ocis.namespace" . }}
+  labels:
+    {{- include "ocis.labels" . | nindent 4 }}
+data:
+  sharing-banned-passwords.txt: |-
+    {{- with .Values.features.sharing.passwordPolicies.bannedPasswords -}}
+    {{- range . -}}
+    {{- . | nindent 4 }}
+    {{- end -}}
+    {{- end -}}
diff --git a/charts/ocis/templates/sharing/deployment.yaml b/charts/ocis/templates/sharing/deployment.yaml
index 7822dd7fe..d59a06cce 100644
--- a/charts/ocis/templates/sharing/deployment.yaml
+++ b/charts/ocis/templates/sharing/deployment.yaml
@@ -78,9 +78,22 @@ spec:
             - name: SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD
               value: {{ .Values.features.sharing.publiclink.writeableShareMustHavePassword | quote }}
 
-            # TODO: does not exist currently. Probably should be there because we also have SHARING_PUBLIC_WRITEABLE_SHARE_MUST_HAVE_PASSWORD!?
-            # - name: SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD
-            #   value: {{ .Values.features.sharing.publiclink.shareMustHavePassword | quote }}
+            - name: SHARING_PUBLIC_SHARE_MUST_HAVE_PASSWORD
+              value: {{ .Values.features.sharing.publiclink.shareMustHavePassword | quote }}
+
+            # password policies
+            - name: SHARING_PASSWORD_POLICY_MIN_CHARACTERS
+              value: {{ .Values.features.sharing.passwordPolicies.minCharacters | quote }}
+            - name: SHARING_PASSWORD_POLICY_MIN_LOWERCASE_CHARACTERS
+              value: {{ .Values.features.sharing.passwordPolicies.minLowerCharacters | quote }}
+            - name: SHARING_PASSWORD_POLICY_MIN_UPPERCASE_CHARACTERS
+              value: {{ .Values.features.sharing.passwordPolicies.minUpperCharacters | quote }}
+            - name: SHARING_PASSWORD_POLICY_MIN_DIGITS
+              value: {{ .Values.features.sharing.passwordPolicies.minDigits | quote }}
+            - name: SHARING_PASSWORD_POLICY_MIN_SPECIAL_CHARACTERS
+              value: {{ .Values.features.sharing.passwordPolicies.minSpecialCharacters | quote }}
+            - name: SHARING_PASSWORD_POLICY_BANNED_PASSWORDS_LIST
+              value: /etc/ocis/sharing-banned-passwords.txt
 
             # user sharing
             - name: SHARING_USER_DRIVER
@@ -123,11 +136,11 @@ spec:
           volumeMounts:
             - name: tmp-volume
               mountPath: /tmp
-            - name: ocis-config-tmp
-              mountPath: /etc/ocis # we mount that volume only to apply fsGroup to that path
             - name: messaging-system-ca
               mountPath: /etc/ocis/messaging-system-ca
               readOnly: true
+            - name: configs
+              mountPath: /etc/ocis
 
       {{- include "ocis.imagePullSecrets" $ | nindent 6 }}
       volumes:
@@ -142,3 +155,6 @@ spec:
           {{ else }}
           emptyDir: {}
           {{ end }}
+        - name: configs
+          configMap:
+            name: sharing-banned-passwords-{{ .appName }}