From 377c18b4091276a497d3436cf636eb68be5fec41 Mon Sep 17 00:00:00 2001
From: Steve Boyd <emteknetnz@gmail.com>
Date: Mon, 25 Nov 2024 13:54:02 +1300
Subject: [PATCH] API Change default password strength from strong to medium

---
 src/Forms/ConfirmedPasswordField.php                 | 2 +-
 src/Security/Validation/EntropyPasswordValidator.php | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/Forms/ConfirmedPasswordField.php b/src/Forms/ConfirmedPasswordField.php
index 1856a057eff..cef12f589d1 100644
--- a/src/Forms/ConfirmedPasswordField.php
+++ b/src/Forms/ConfirmedPasswordField.php
@@ -53,7 +53,7 @@ class ConfirmedPasswordField extends FormField
      * Minimum password strength if requireStrongPassword is true
      * See https://symfony.com/doc/current/reference/constraints/PasswordStrength.html#minscore
      */
-    private int $minPasswordStrength = PasswordStrength::STRENGTH_STRONG;
+    private int $minPasswordStrength = PasswordStrength::STRENGTH_MEDIUM;
 
     /**
      * Callback used to generate a random password if $this->canBeEmpty is true and the field is left blank
diff --git a/src/Security/Validation/EntropyPasswordValidator.php b/src/Security/Validation/EntropyPasswordValidator.php
index 27c7f6186b2..dc02fb7cc0a 100644
--- a/src/Security/Validation/EntropyPasswordValidator.php
+++ b/src/Security/Validation/EntropyPasswordValidator.php
@@ -20,7 +20,7 @@ class EntropyPasswordValidator extends PasswordValidator
      * The strength of a valid password.
      * See https://symfony.com/doc/current/reference/constraints/PasswordStrength.html#minscore
      */
-    private static int $password_strength = PasswordStrength::STRENGTH_STRONG;
+    private static int $password_strength = PasswordStrength::STRENGTH_MEDIUM;
 
     public function validate(string $password, Member $member): ValidationResult
     {