There is no built in support for this, but you may be able to modify your theme to allow for this functionality using javascript.

Here is a relatively simple example online - https://www.w3schools.com/howto/howto_js_toggle_password.asp - that should be helpful.

Passwords don’t expire unless you configure the expiration (max age) in the password policy. So by default your password will never expire.

You can implement any password hashing scheme as a plugin and load it into FusionAuth. Then you simply migrate the user using new scheme. There is a tutorial on that matter in the docs.

If you want to use the breached password detection feature, then that check will be applied for any new account registrations.

You could always disable the breached password detection feature.

Sorry, I don't have a better answer for you.

Our validation takes in inverse approach. The setting is actually to require a non-alphanumeric character. So any character that is not alphabetic, or a digit, will satisfy this requirement.

There is not a fixed set of symbols as this would reduce the password entropy, which is generally a bad idea.

Actually, as of when I write this post, we have two license keys available for anyone with a paid edition. One is a prod license and the other is a non prod license. The latter is a good fit for testing, CI, etc.

Currently the only way to accomplish this will be to use the Import API, as you mentioned: https://fusionauth.io/docs/v1/tech/apis/users#import-users

We do have an open feature request to allow hashes to be provided on the User API, which I think would be what you're looking for: https://github.com/FusionAuth/fusionauth-issues/issues/348

Feel free to upvote that issue.

In the UI you can select "Special character" to require at least one special character. If anyone is looking to understand which characters will satisfy this requirement read on.

If you view the tooltip or the API - you’ll see the configuration is actually for non-alpha-numeric.

https://fusionauth.io/docs/v1/tech/apis/tenants#create-a-tenant

tenant.passwordValidationRules.requireNonAlpha
Whether to force the user to use at least one non-alphanumeric character.

So instead of limiting this to a specific set of special characters, we allow it to be any character that is not a unicode alphabetic and not a digit. In this way, we do not artificially limit the entropy of the password by saying you must use one or more characters for a finite set of "special characters" as you may be used to seeing on some login forms.

You set these at the tenant level.

Home / Settings /Tenants / Edit in the admin UI.

You can also use the API or a kickstart file to set these.