Weak Password Policy
Low
Vulnerability Details
## Summary
Your website allows users to set simple passwords; at this time, I can set my password to 123456. Determine the resistance of the application against brute force password guessing using available password dictionaries by evaluating the length, complexity, reuse and aging requirements of passwords.
You should create a password policy to protect your users: uppercase, lowercase. As it makes it much more secure, it will be acceptable.
## Steps to reproduce
- Change password to 123456 with password reset
Reference: https://www.owasp.org/index.php/Testing_for_Weak_password_policy_(OTG-AUTHN-007)
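
A server-side check that would reject the `123456` reset described in this report, covering the length, complexity, reuse and aging requirements it lists. This is an added example, not part of the original report or the affected site's code; the thresholds, the small denylist and all function names are assumptions.

```python
import hashlib
import hmac
import os
from datetime import datetime, timedelta

# Constructed sample denylist; a real deployment would load a large dictionary.
COMMON = {"123456", "password", "qwerty", "111111", "abc123", "letmein"}
MIN_LENGTH = 10                 # assumed policy value
MAX_AGE = timedelta(days=365)   # assumed policy value

def hash_password(password, salt=None):
    """Return (salt, PBKDF2 digest) for storage in the password history."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return salt, digest

def policy_violations(password, history=()):
    """List every policy rule the candidate password breaks."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if password.lower() in COMMON:
        problems.append("in common-password dictionary")
    if not any(c.isupper() for c in password):
        problems.append("no uppercase letter")
    if not any(c.islower() for c in password):
        problems.append("no lowercase letter")
    # Reuse: re-hash the candidate with each stored salt, compare in constant time.
    for salt, digest in history:
        if hmac.compare_digest(hash_password(password, salt)[1], digest):
            problems.append("reuses a previous password")
            break
    return problems

def is_expired(last_changed, now):
    """Aging rule: True once the password is older than MAX_AGE."""
    return now - last_changed > MAX_AGE
```

The check belongs in every path that sets a password, including the password reset flow used in the reproduction step.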
Report Stats
- Report ID: 237544
- State: Closed
- Substate: informative
- Upvotes: 1