diff -r 000000000000 -r 3906ca745819 packages/ssoinabox-webui/root/usr/local/share/ssoinabox/htdocs/includes/templates/pw-strength.tpl
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/packages/ssoinabox-webui/root/usr/local/share/ssoinabox/htdocs/includes/templates/pw-strength.tpl	Tue Jan 08 23:13:29 2013 -0500
@@ -0,0 +1,35 @@
+{assign var="title" value="Password strength requirements"}
+{include file="header.tpl"}
+
+<h1>Password security policy</h1>
+
+<p>Passwords are often considered <a href="http://www.zdnet.com/blog/service-oriented/passwords-are-the-weakest-link-in-enterprise-it-security-study/8682">one
+	of the weakest links</a> in information security. For the safety of the entire organization, this appliance employs password security policies designed to
+	minimize the risk of a successful attack against any account on the system.</p>
+
+<p>These requirements are summarized as follows:</p>
+
+<ul>
+	<li>Passwords must be a minimum of 8 characters in length.</li>
+	<li>
+		For passwords which are 16 characters in length or less:
+		<ul>
+			<li>The password contain at least one letter (A-Z, a-z)</li>
+			<li>The password contain at least digit (0-9)</li>
+			<li>The password contain at least symbol</li>
+		</ul>
+	</li>
+	<li>
+		For passwords which are 17 characters in length or greater:
+		<ul>
+			<li>Any combination of letters, numbers, and/or symbols is permitted.</li>
+		</ul>
+	</li>
+</ul>
+
+<p>We recognize that generating secure passwords which meet stringent security requirements can be a difficult exercise. Thus, we allow longer passwords to not contain
+	symbols, enabling the use of passwords which follow the
+	<a href="http://xkcd.com/936">XKCD 936</a> pattern. A tool to generate "XKCD 936 compliant" passwords can be found 
+	<a href="https://correcthorsebatterystaple.heroku.com/">here</a>.</p>
+
+{include file="footer.tpl"}