By default the only requirement for client passwords is that they be at least 6 characters in length. If I understand, this is defined in /app/models/users.php in getRules, like so:

            'new_password' => [
                'format' => [
                    'rule' => 'isPassword',
                    'message' => $this->_('Users.!error.new_password.format'),
                ],

isPassword is defined in the Input model /vendors/minphp/input/src/Input.php and it allows a minimum length to be set, as well as some pre-defined regex's including: any, any_no_space, alpha_num, alpha, num, custom. If custom is selected then a custom regex can be supplied.

Add a new option under Settings > Client Options: General Client Settings below the last field "Client ID Increment Value". It will consist of 3 new fields.

• Dropdown field called Rule that contains all the rules supported by the isPassword method, but label them like so: Any Characters (any), No Spaces (any_no_space), Alphanumeric Only (alpha_num), Alpha Only (alpha), Numbers Only (num), and Custom.
• If "Custom" is selected, show an Input field where a custom regex may be entered.
• If Custom is not selected, include an input field called "Length". Default to 6.

The reason the length field is not shown for a custom regex is because the length will be defined in the custom regex.

The fields should default to: Any Characters, Any, and 6 for password length. This makes it work the same as it does now.