Strengthened password option
A recent event where access through easy-to-guess passwords made way for some mediatic coverage citing the name of Chamilo (although Chamilo was not at fault as far as we could investigate after hours of analysis), it appears we need to give a push to our users to strengthen their passwords, in particular for privileged users (teachers and admins), otherwise they'll use stuff like "1234567" all over.
I've already asked here https://github.com/FITCoding/Simple-PHP-Password-Strength-Analyzer if the developer could give it a license so we can include the snippet in Chamilo (although honestly it's not complicated to come up with an acceptable solution).
Drupal also has a feature for that http://drupal.org/project/password_policy and another one that checks incidents happening on the login form: http://drupal.org/project/login_security and sends them to Nagios (nice :-)).
This could be added in 1.9.6 as a plugin, then to core for 1.10... (with a settings_current switch in the security section).
This is a security issue, so I'm adding it to 1.9.6 even though we are already done with tasks here.