The Identity Server admin can define custom password policies and enforce them at user creation. The configuration for password policy extension are extensions are in the <IS_HOME>/repository/conf/identity/identity-mgt.properties file. You need to enable the identity management listener first by using the following configuration:
...
You can write the custom classes for password policies by extending the org.wso2.carbon.identity.mgt.policy.AbstractPasswordPolicyEnforcerabstractAbstractPasswordPolicyEnforcerabstract class.
The two methods you need to implement are:
...