Many password requirements can be enforced using a password validation routine which is available to implement in System Management Portal. But how about this one:
Check that at least 50% of the characters changed from old password to new password.
We need to have access to the old password to check this, currently password validation routine only gets the new password.