<!--- Please read this! Before opening a new issue, make sure to search for keywords in the issues filtered by the "T - Bug" label and verify the issue you're about to submit isn't a duplicate. ---> ### Summary When you forget your password, the password strength enforcement is different. Characters like @ are not allowed, but all lower case with no numbers and symbols is. ### Steps to reproduce 1. Log out 2. Click on forgot my password on login form 3. follow instructions 4. try an all lower case password with an @ 5. try removing the @ ### Platform information Very likely cross-platform but reproduced on S7 edge. ### What is the current *bug* behavior? Weak passwords are allowed. ### What is the expected *correct* behavior? Weak passwords should not be allowed. ### Relevant logs and/or screenshots (Paste any relevant logs - please use code blocks (```) to format console output, logs, and code as it's very hard to read otherwise.) ### Possible fixes (If you can, link to the line of code that might be responsible for the problem)