Would it be possible to customise password requirements for registration, for example we have customers who have policies of a minimum 12 characters for a password within their organisation.

Setting via environment variables would be sufficient.

ie.