When using web forms authentication with the ASP.NET Membership provider, we are defaulted to some decently strict password rules. I think eight characters, including one non-alpha, are required.
I'm not looking to make them all willy-nill loose, but generally I do not use a non-alpha character in my own password, and feel like a hypocrite forcing my users to do so.
I've done some looking, but can't figure out where this rule is defined. I'm sure I'm just missing something simple - anyone know?