Hi,
By default membership provider in .net has a password policy that restricts you to have passwords of length 7 (at least) and one character among those 7 must be Alph-Numeric. There are various conditions that you want to overlook this policy.
Following are the ways:
Using minimum length and non-alphanumeric character
<membership ...>
<providers>
<add minRequiredPasswordLength=5 minRequiredNonalphanumericCharacters=0 />
</providers>
</membership>
Using regular expression
<membership ...>
<providers>
<add passwordStrengthRegularExpression=
"^(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,10}$" .../>
</providers>
</membership>