juspay / hyperswitch

An open source payments switch written in Rust to make payments fast, reliable and affordable
https://hyperswitch.io/
Apache License 2.0

[BUG] Missing user password requirements #5082

Open zeorin opened 2 weeks ago

zeorin commented 2 weeks ago

Bug Description

Logging in to a new account and entering a password like this:

1=mh>;e#ps0;/iHO4,,u:s.oo^m'}u.};xU=,UX,(m{eI+(7-9taEg3rb)!0R.m/$#rN< ZdTuX[4b;YYa827JN`E:UIB]@-`}Tbrv`Z,^PG:8!aXNekK>9`gBu2b$A&

(I use pass, and this is a 128 character password generated by it).

It is not clear in what way such a password is not valid.

I have noticed that when typing a password, it explains if the password is too short, or doesn't contain numbers or special characters. Length is a good requirement, but special characters, etc. are not: https://pages.nist.gov/800-63-3/

Despite being well-intentioned, in practice such requirements reduce overall password security.

Expected Behavior

It should accept my password. There is no reason not to accept it. Passwords of length up to 1024 are generally reasonable to accept (limiting the network request payload size only). Once hashed, they're all the same size anyway.

Actual Behavior

When I try to use this to set a password:


The server responded with a 400:

{
    "error": {
        "type": "invalid_request",
        "message": "Invalid Password",
        "code": "UR_09"
    }
}

Steps To Reproduce


  1. Go to reset password
  2. Submit the form with my example password

Context For The Bug

I was trying to set a password so I could explore hyperswitch's sandbox

Environment

This is on current hyperswitch.io

Are you willing to submit a PR?

No, I don't have time to work on this right now

ThisIsMani commented 2 weeks ago

In our application, the maximum size of a password can be 70 characters. That's why your password is invalid.

We didn't think this case would come up where users try to use a password that is more than 70 characters long. So, maybe because of that, this error was not handled properly.
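As an added example (not hyperswitch code), here is a Rust validator that applies the 70-character maximum ThisIsMani describes, counts characters rather than bytes, and returns a specific reason instead of a generic "Invalid Password"; the type names, the 8-character minimum and the control-character check are assumptions, and the length-only policy follows the NIST guidance the reporter cites.

```rust
#[derive(Debug, PartialEq, Eq)]
pub enum PasswordError {
    TooShort { min: usize, actual: usize },
    TooLong { max: usize, actual: usize },
    ContainsControlChar,
}

impl std::fmt::Display for PasswordError {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        match self {
            Self::TooShort { min, actual } => write!(f, "{actual} characters; minimum is {min}"),
            Self::TooLong { max, actual } => write!(f, "{actual} characters; maximum is {max}"),
            Self::ContainsControlChar => write!(f, "contains a control character"),
        }
    }
}

/// Length-only policy in the NIST SP 800-63B style: no composition rules
/// (no required digits or symbols). The limits are chosen by the caller.
pub struct PasswordPolicy { pub min_chars: usize, pub max_chars: usize }

impl PasswordPolicy {
    pub fn validate(&self, password: &str) -> Result<(), PasswordError> {
        // Count Unicode scalar values, not bytes: "pässwörd" is 8 chars, 10 bytes.
        let actual = password.chars().count();
        if actual < self.min_chars {
            return Err(PasswordError::TooShort { min: self.min_chars, actual });
        }
        if actual > self.max_chars {
            return Err(PasswordError::TooLong { max: self.max_chars, actual });
        }
        // A stray newline or tab from a paste gets a named error, not a generic one.
        if password.chars().any(char::is_control) {
            return Err(PasswordError::ContainsControlChar);
        }
        Ok(())
    }
}

fn main() {
    let policy = PasswordPolicy { min_chars: 8, max_chars: 70 };
    // Constructed inputs: 128 chars (as in the report), 8 chars/10 bytes, too short.
    let long = "x".repeat(128);
    for pw in [long.as_str(), "pässwörd", "short"] {
        match policy.validate(pw) {
            Ok(()) => println!("accepted"),
            Err(e) => println!("rejected: {e}"),
        }
    }
}
```

If the backend hasher has a fixed input limit in bytes, the cap must be enforced in bytes as well, since a 70-character non-ASCII password can be far longer than 70 bytes.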