Enforce the password strength for users #2217

Closed
4 tasks
edwinthinks opened this issue Mar 14, 2021 · 1 comment · Fixed by #2555

Comments

@edwinthinks
Collaborator

edwinthinks commented Mar 14, 2021

Summary

We currently suggest users create passwords that meet a certain level of 'strength'. Instead of suggesting, we should enforce it. Let's add the necessary changes to not accept passwords that don't meet the password strength requirements.

Here are the updated password strength requirements. (I tried not to make it differ too much)

  • At least 8 characters long
  • At least one nonalphabetic character, meaning one !

Things to Consider

  • Having a strong password requirement is good, but sometimes it can be really annoying if users have to remember passwords. (In the future, it would be ideal for users to log in using their Gmail w/ Social Sign In)
  • Must change the default passwords we add in our seed.
  • Must update README with account info + staging credentials

Criteria for Completion

  • As a user, I am able to see what the password strength requirements are so I can make a more secure password.
  • As a user, I am NOT able to create a password that does not meet the password strength requirements.
  • As a developer, I know to utilize the new passwords for the demo/staging accounts to access local & staging as a diaperbase and partnerbase user.
  • Account request email contains new updated password to access staging demo account.
@edwinthinks edwinthinks changed the title Enforce the password strength prompts. Enforce the password strength for users Mar 14, 2021
@edwinthinks
Collaborator Author

> Here are the updated password strength requirements. (I tried not to make it differ too much)
>
>   • At least 8 characters long
>   • At least one nonalphabetic character, meaning one !

@scooter-dangle @albertchae what are your thoughts on what password security makes sense? Currently, it must be at least 6 characters. I wonder if it is worth making passwords more complex as I think user experience can suffer if they forget complex passwords.
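
A sketch of how the two proposed rules could be enforced server-side, added here as an illustration and not taken from the project or from pull request #2555. The `PasswordPolicy` module, its method names and the sample accounts are hypothetical; it assumes "nonalphabetic" means any character that is not a Unicode letter, and it reuses one rule table for the message shown to the user, the check itself, and an audit of seed passwords.

```ruby
# Added example, not the project's code. All names here are hypothetical.
module PasswordPolicy
  MIN_LENGTH = 8 # from the issue: "At least 8 characters long"

  # Each rule pairs the text shown to the user with the check itself, so the
  # displayed requirements and the enforced ones cannot drift apart.
  RULES = {
    "must be at least #{MIN_LENGTH} characters long" =>
      ->(pw) { pw.length >= MIN_LENGTH }, # counts characters, not bytes
    # Assumption: "nonalphabetic" = not a Unicode letter. An ASCII-only test
    # such as /[^a-zA-Z]/ would wrongly accept all-letter words like "contraseña".
    "must contain at least one nonalphabetic character" =>
      ->(pw) { pw.match?(/[^\p{L}]/) }
  }.freeze

  # Requirement text for the sign-up / change-password form.
  def self.requirements
    RULES.keys
  end

  # Every unmet requirement; an empty array means the password is accepted.
  def self.violations(password)
    pw = password.to_s # nil is treated as an empty password
    RULES.reject { |_message, check| check.call(pw) }.keys
  end

  def self.acceptable?(password)
    violations(password).empty?
  end

  # Audit for seed/demo credentials: accounts whose password would be rejected.
  def self.weak_accounts(accounts)
    accounts.reject { |_email, pw| acceptable?(pw) }.keys
  end
end

# Constructed sample data standing in for seed accounts (not the real seeds).
SAMPLE_SEED_ACCOUNTS = {
  "org_admin@example.com" => "password",
  "partner@example.com"   => "Password!",
  "short@example.com"     => "abc1!"
}.freeze

if __FILE__ == $PROGRAM_NAME
  puts "Requirements: #{PasswordPolicy.requirements.join('; ')}"
  puts "Seed accounts to update: #{PasswordPolicy.weak_accounts(SAMPLE_SEED_ACCOUNTS).join(', ')}"
end
```

Running the seed audit in CI would catch a default or demo password that stops satisfying the policy after the rules change.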
