I'm agreeing with the other replies saying that if this is really needed, it can be done as a third-party module.
As much as possible, I want to have Django avoid promoting outdated security policies (and the fact that many places still use them doesn't mean they're current; it means they haven't caught up to the published best practices). The numeric validator does make some sense because there are cases where you want an all-numeric credential, and where it's not bad practice to do that. So it can stay, but I wouldn't want to add validators that try to enforce false "complexity". -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To post to this group, send email to django-developers@googlegroups.com. Visit this group at https://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/CAL13Cg_2NJvttfavz0i5WMg9tQzWMOMu6gpY49EKZ1bp6hD91A%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
