It was found that the password policy does not require lowercase characters, Without lowercase characters, the password is weaker and much easier to crack.
Recommended Mitigation
It is recommended to enforce passwords to contain at least one lowercase character.
Authentication
