create long passwords during password reset
The password policy is not taken into account here, so rather create very long passwords to encourage people to reset them (which would then apply the password policy).
This is an alternative to: http://git.ispconfig.org/ispconfig/ispconfig3/commit/ffb04de2302e6cc71c0aa80e6e1fa2ee73a6a3c9
The idea is to make the password soooo long that the user will really set a new one himself.