You are talking both about creating your own password and about setting password-requirements for users that are logging in to your app.

For Creating your own there is this regex: https://regex101.com/library/L75p3B?orderBy=RELEVANCE&search=number+of++characters that modified to your wish (set to max 8 uppercase characters)would probably be

^(?=.*\d)(?=.*[A-Z]){1,8}(?=.*[a-z])(?=.*[^\w\d\s:])([^\s]){12,123}$

For an extra check on the user’s password, I don’t think you can adjust that.

Hi Koen,

ran some tests. It seems you're correct. When the “minimum amount of characters” is higher then the given amount of "NrOfCapitalizedCharacters + NrOfDigits +NrOfSpecialCharacters” the action will just and more of these in combination with lowercase symbols.

Also the “max amount of characters” is often neglected bij the action.

As far as I can see there is no maximum amount of characters to be set. You will have to adjust the java action for that / write your own. 

You could validate the password with a regular expression, if it fails, generate a new password.

Roy's workaround to validate generated random passwords and create a new password if needed works, but..

It would be great if the CommunityCommons module will be updated to be able to generate Random passwords that match the security setting “Require mixed case [This requires the password to contain both lowercase and uppercase characters]”. Maybe by adding a parameter like noOfLCAlpha to be able to specify a minimum amount of lowercase characters too?

There is already a github issue for a similar request (since feb '21):
https://github.com/mendix/CommunityCommons/issues/105

I would suggest that u can create ur own password generator java action with some required parameters

Java Password Generator - Javatpoint

drop me a line at chandresh.shukla@resilientitservices.com in case u need help