Look into either enforcing this, or have a more complex check so that a user cannot be staff if their password is too weak. [python-zxcvbn demo](http://birdhouse.org/blog/2015/06/16/sane-password-strength-validation-for-django-with-zxcvbn/)
Look into either enforcing this, or have a more complex check so that a user cannot be staff if their password is too weak.
python-zxcvbn demo