Password validation Regular expression

Question

I have a password validation like the following rules

1. Should contains at most 15 chars and 8 chars at least
2. Password should contain 2 numeral charac

Answer 1

The best you can do is present your user with an estimate of the strength of their password and let them shoot their own foot if they wish.

Any scheme to force people to make good passwords is doomed by the ability of people to use post-it notes.