From 9641ada53cc84631c7f7f97f66135ec8a7414be5 Mon Sep 17 00:00:00 2001
From: Julian Lam <julian@nodebb.org>
Date: Mon, 2 Apr 2018 12:28:20 -0400
Subject: [PATCH] fixes #6415

---
 src/user/create.js   | 9 +++++++--
 src/user/password.js | 2 +-
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/src/user/create.js b/src/user/create.js
index 4352dd2d48..f2a9b87f55 100644
--- a/src/user/create.js
+++ b/src/user/create.js
@@ -180,7 +180,12 @@ module.exports = function (User) {
 		});
 	};
 
-	User.isPasswordValid = function (password, callback) {
+	User.isPasswordValid = function (password, minStrength, callback) {
+		if (typeof minStrength === 'function' && !callback) {
+			callback = minStrength;
+			minStrength = meta.config.minimumPasswordStrength;
+		}
+
 		// Sanity checks: Checks if defined and is string
 		if (!password || !utils.isPasswordValid(password)) {
 			return callback(new Error('[[error:invalid-password]]'));
@@ -195,7 +200,7 @@ module.exports = function (User) {
 		}
 
 		var strength = zxcvbn(password);
-		if (strength.score < meta.config.minimumPasswordStrength) {
+		if (strength.score < minStrength) {
 			return callback(new Error('[[user:weak_password]]'));
 		}
 
diff --git a/src/user/password.js b/src/user/password.js
index 7c9e927275..d644fd2e8f 100644
--- a/src/user/password.js
+++ b/src/user/password.js
@@ -28,7 +28,7 @@ module.exports = function (User) {
 					return callback(null, true);
 				}
 
-				User.isPasswordValid(password, next);
+				User.isPasswordValid(password, 0, next);
 			},
 			function (next) {
 				Password.compare(password, hashedPassword, next);