diff --git a/opentech/apply/templates/forms/includes/field.html b/opentech/apply/templates/forms/includes/field.html
index b4e71892f1d7cc7f63fccb07dd72363ff7dc6c49..7881e54e1b1c6c88ed93d58da7514fbb7971dbdd 100644
--- a/opentech/apply/templates/forms/includes/field.html
+++ b/opentech/apply/templates/forms/includes/field.html
@@ -31,7 +31,7 @@
 
         {{ field }}
 
-        {% if field.errors %}<h6 class="form__error-text">{{ field.errors.as_text }}</h6>{% endif %}
+        {% if field.errors %}<h6 class="form__error-text">{{ field.errors.as_text|linebreaksbr }}</h6>{% endif %}
         <label for="{{ field.id_for_label }}"></label>
         {% if widget_type == 'date_input' or widget_type == 'date_time_input' %}
             </div>
diff --git a/opentech/settings/base.py b/opentech/settings/base.py
index a96ad8787d0df154c7fcc539e5a763a3109d8bb6..b1906465687243b72e47cefe9962873bcd10f45f 100644
--- a/opentech/settings/base.py
+++ b/opentech/settings/base.py
@@ -114,6 +114,7 @@ INSTALLED_APPS = [
     'addressfield',
     'django_bleach',
     'django_fsm',
+    'django_pwned_passwords',
 
     'hijack',
     'compat',
@@ -228,17 +229,17 @@ WAGTAILSEARCH_BACKENDS = {
 # https://docs.djangoproject.com/en/stable/ref/settings/#auth-password-validators
 
 AUTH_PASSWORD_VALIDATORS = [
-    {
-        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
-    },
     {
         'NAME': 'django.contrib.auth.password_validation.MinimumLengthValidator',
+        'OPTIONS': {
+            'min_length': 12,
+        }
     },
     {
-        'NAME': 'django.contrib.auth.password_validation.CommonPasswordValidator',
+        'NAME': 'django.contrib.auth.password_validation.UserAttributeSimilarityValidator',
     },
     {
-        'NAME': 'django.contrib.auth.password_validation.NumericPasswordValidator',
+        'NAME': 'django_pwned_passwords.password_validation.PWNEDPasswordValidator',
     },
 ]
 
diff --git a/requirements.txt b/requirements.txt
index 1493824a688710ae27f7c0c31c6b8fb1e175e654..470eff2f7ef90b5b758071ed42be1c94679f85da 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -31,6 +31,7 @@ django_select2==6.0.1
 dj-database-url==0.5.0
 django-basic-auth-ip-whitelist==0.2.1
 django-heroku==0.3.1
+django-pwned-passwords==2.0.0
 django-redis==4.9.0
 django-referrer-policy==1.0
 whitenoise==4.0