Is there any method of creating a specification for passwords (BEFORE they are hashed) so that they have to have characters in them.

I was thinking something along the lines of (not valid syntax):

if($user['usergroupid'] == {moderator usergroup id}){
if(!preg_match("/^[A-Z][a-z][0-9]@:;?%{}/",$_POST['password']){
print "Your password must be more secure";
}
}

Quick FYI - They get hashed with JavaScript before they are sent to the server.

Ahh, my bad.

Thanks (again) Adrian :)

I'll take a look at vbulletin_md5.js and see if I can implement this somewhere there.