I have a WordPress site that has user sign up and woocommerce

The new password requirements are so difficult that customers are going elsewhere

is it possible to tone it down ?

eg Singletrack!1783, Stw1985! Anthony.wetwick1984! are all considered weak

Why do they need to create an account to checkout?

The site has a membership system and a shop so an account is required users can keep track of subscriptions and to a lesser extent any shop any order history

Required by you, not the users.

Anyway. Is it a WP.com site or are you hosting a WP.org installation? I’m 99% certain that my self-hosted install doesn’t have such requirements.

stw claims passwords similar to that are weak.

I gave up trying to create a strong one as it seemed to let me continue.

Required by you, not the users.

maybe but i as a customer expect an account from CRC,wiggle,Evans, ticket master so i can track my purchases and subscriptions

Anyway. Is it a WP.com site or are you hosting a WP.org installation? I’m 99% certain that my self-hosted install doesn’t have such requirements.

it is self hosted

my app says 4 days for the first and 7 hours for the second.

It has centuries for the last but that does look a bit suspect, like social engineering clues might help, so maybe the algorythm is scanning for no years and no names?

it is self hosted

Then I’d hazard it’s a ‘feature’ of the e-commerce plugin or some such rather than WP itself. Worth checking options there.