die "weak password"
    if length($pw) < 8 or
       $pw !~ /[A-Z]/ or
       $pw !~ /[a-z]/ or
       $pw !~ /[0-9]/ or
       $pw !~ /[^a-z0-9]/i;