( $curuser->access_right('Edit password') and
! $part_svc->restrict_edit_password )
);
-my $error = $svc_acct->set_password($cgi->param('password'))
+my $newpass = $cgi->param('password');
+my $error = $svc_acct->is_password_allowed($newpass)
+ || $svc_acct->set_password($newpass)
|| $svc_acct->replace;
# annoyingly specific to view/svc_acct.cgi, for now...