If you have a form that is cached, the Password Policy JavaScript doesn't get added to it. This is because it's added to the page directly in hook_form_alter(), but that hook is not guaranteed to run when a form is being actually rendered.
(On a cached form, you can see this bug by submitting the user form with an error, e.g. a missing required field; the password policy JavaScript validation is there originally but not when the form is re-rendered with the error.)
The fix is to attach the JavaScript to the form array rather than adding it to the page.
Comments
Comment #1
David_Rothstein commentedHere's a patch.
It's written to preserve backwards compatibility (since this module has a stable release), but it could be simplified a bit if that's not necessary.
Comment #2
erikwebb commentedWorks for me, thanks!
http://drupalcode.org/project/password_policy.git/commit/7c7b59d