diff --git a/bin/config_sample/config.ini b/bin/config_sample/config.ini
index 2b7c327..55b65f0 100644
--- a/bin/config_sample/config.ini
+++ b/bin/config_sample/config.ini
@@ -31,3 +31,12 @@ webhook_enabled=false
 webhook_url=Your webhook url here.
 webhook_sendfile=false
 webhook_content=
+
+[Password]
+password_requirements = true
+pass_min_length = 8
+pass_max_length = 0
+pass_required_mix_case = true
+pass_required_numbers = true
+pass_required_special = true
+pass_can_contain_username = false
diff --git a/core/include/aoclient.h b/core/include/aoclient.h
index 735e4d1..b3191b0 100644
--- a/core/include/aoclient.h
+++ b/core/include/aoclient.h
@@ -1878,6 +1878,23 @@ class AOClient : public QObject {
      */
     QStringList updateStatement(QStringList packet);
 
+    /**
+     * @brief Called when area enum is set to PLAYBACK. Sends the IC-Message stored at the current statement.
+     * @return IC-Message stored in the QVector.
+     */
+    QStringList playTestimony();
+
+    /**
+     * @brief Checks if a password meets the server's password requirements.
+     *
+     * @param username The chosen username.
+     *
+     * @param password The password to check.
+     *
+     * @return True if the password meets the requirements, otherwise false.
+     */
+    bool checkPasswordRequirements(QString username, QString password);
+    
     ///@}
 
     /**
diff --git a/core/include/server.h b/core/include/server.h
index 35c8c00..3fd6157 100644
--- a/core/include/server.h
+++ b/core/include/server.h
@@ -318,6 +318,41 @@ class Server : public QObject {
      */
     int message_floodguard;
 
+    /**
+     * @brief Whether password requirements are enabled.
+     */
+    bool password_requirements = true;
+
+    /**
+     * @brief The minimum length passwords can be.
+     */
+    int password_minimum_length;
+
+    /**
+     * @brief The maximum length passwords can be.
+     */
+    int password_maximum_length;
+
+    /**
+     * @brief Whether passwords must be mixed case.
+     */
+    bool password_require_mixed_case = true;
+
+    /**
+     * @brief Whether passwords must contain numbers.
+     */
+    bool password_require_numbers = true;
+
+    /**
+     * @brief Whether passwords must contain special characters.
+     */
+    bool password_require_special_characters = true;
+
+    /**
+     * @brief Whether passwords can contain the associated username.
+     */
+    bool password_can_contain_username = false;
+
     /**
      * @brief URL send to the client during handshake to set the remote repository URL.
      */
diff --git a/core/src/commands/authentication.cpp b/core/src/commands/authentication.cpp
index 4ab5c8a..2d789fb 100644
--- a/core/src/commands/authentication.cpp
+++ b/core/src/commands/authentication.cpp
@@ -57,6 +57,11 @@ void AOClient::cmdSetRootPass(int argc, QStringList argv)
     if (!change_auth_started)
         return;
 
+    if (!checkPasswordRequirements("root", argv[0])) {
+        sendServerMessage("Password does not meet server requirements.");
+        return;
+    }
+
     sendServerMessage("Changing auth type and setting root password.\nLogin again with /login root [password]");
     authenticated = false;
     QSettings settings("config/config.ini", QSettings::IniFormat);
@@ -79,6 +84,10 @@ void AOClient::cmdSetRootPass(int argc, QStringList argv)
 
 void AOClient::cmdAddUser(int argc, QStringList argv)
 {
+    if (!checkPasswordRequirements(argv[0], argv[1])) {
+        sendServerMessage("Password does not meet server requirements.");
+        return;
+    }
 #if QT_VERSION < QT_VERSION_CHECK(5, 10, 0)
     qsrand(QDateTime::currentMSecsSinceEpoch());
     quint32 upper_salt = qrand();
@@ -254,6 +263,11 @@ void AOClient::cmdChangePassword(int argc, QStringList argv)
         return;
     }
 
+    if (!checkPasswordRequirements(username, password)) {
+        sendServerMessage("Password does not meet server requirements.");
+        return;
+    }
+
     if (server->db_manager->updatePassword(username, password)) {
         sendServerMessage("Successfully changed password.");
     }
diff --git a/core/src/commands/command_helper.cpp b/core/src/commands/command_helper.cpp
index 88c82e4..5d5e046 100644
--- a/core/src/commands/command_helper.cpp
+++ b/core/src/commands/command_helper.cpp
@@ -169,3 +169,40 @@ QString AOClient::getReprimand(bool positive)
         return server->reprimands_list[genRand(0, server->reprimands_list.size() - 1)];
         }
 }
+
+bool AOClient::checkPasswordRequirements(QString username, QString password)
+{
+    QString decoded_password = decodeMessage(password);
+    if (!server->password_requirements)
+        return true;
+
+    if (server->password_minimum_length > decoded_password.length())
+        return false;
+
+    if (server->password_maximum_length < decoded_password.length() && server->password_maximum_length != 0)
+        return false;
+
+    else if (server->password_require_mixed_case) {
+        if (decoded_password.toLower() == decoded_password)
+            return false;
+        if (decoded_password.toUpper() == decoded_password)
+            return false;
+    }
+    else if (server->password_require_numbers) {
+        QRegularExpression regex("[0123456789]");
+        QRegularExpressionMatch match = regex.match(decoded_password);
+        if (!match.hasMatch())
+            return false;
+    }
+    else if (server->password_require_special_characters) {
+        QRegularExpression regex("[~!@#$%^&*_-+=`|\\(){}\[]:;\"'<>,.?/]");
+        QRegularExpressionMatch match = regex.match(decoded_password);
+        if (!match.hasMatch())
+            return false;
+    }
+    else if (!server->password_can_contain_username) {
+        if (decoded_password.contains(username))
+            return false;
+    }
+    return true;
+}
diff --git a/core/src/server.cpp b/core/src/server.cpp
index 8af3463..5462609 100644
--- a/core/src/server.cpp
+++ b/core/src/server.cpp
@@ -313,6 +313,25 @@ void Server::loadServerConfig()
     webhook_sendfile = config.value("webhook_sendfile", false).toBool();
     webhook_content = config.value("webhook_content", "").toString();
     config.endGroup();
+
+    //Load password configuration
+    config.beginGroup("Password");
+    password_requirements = config.value("password_requirements", "false").toBool();
+    if (password_requirements) {
+        bool password_minimum_length_conversion_success;
+        password_minimum_length = config.value("pass_min_length", "8").toInt(&password_minimum_length_conversion_success);
+        if (!password_minimum_length_conversion_success)
+            password_minimum_length = 8;
+        bool password_maximum_length_conversion_success;
+        password_maximum_length = config.value("pass_max_length", "16").toInt(&password_maximum_length_conversion_success);
+        if (!password_minimum_length_conversion_success)
+            password_maximum_length = 16;
+        password_require_mixed_case = config.value("pass_require_mix_case", "true").toBool();
+        password_require_numbers = config.value("pass_require_numbers", "true").toBool();
+        password_require_special_characters = config.value("pass_require_special", "true").toBool();
+        password_can_contain_username = config.value("pass_can_contain_username", "false").toBool();
+    }
+    config.endGroup();
 }
 
 void Server::allowMessage()