diff --git a/src/caosdb/common/administration.py b/src/caosdb/common/administration.py
index dff461e7fb0ed5270119907bd4ad859503b3ce21..450f8de1c422f7453bb6abfd4d9e94c0bd6ef73e 100644
--- a/src/caosdb/common/administration.py
+++ b/src/caosdb/common/administration.py
@@ -26,6 +26,9 @@
 
 """missing docstring."""
 
+import re
+import string
+import random
 from caosdb.common.utils import xml2str
 from caosdb.connection.connection import get_connection
 from caosdb.exceptions import (EntityDoesNotExistError, HTTPClientError,
@@ -108,6 +111,19 @@ def get_server_property(key):
     return get_server_properties()[key]
 
 
+def get_password(length):
+    """ creates a random password that fulfills the security requirements """
+    sample_letters = string.ascii_letters + string.digits + "!#$%*+-/:;?_"
+    password = ''.join((random.choice(sample_letters) for i in range(length)))
+
+    while not re.match(r"(?=.*[A-Z])(?=.*[a-z])(?=.*\d)(?=.*[\W_]).{8,}",
+                       password):
+        password = ''.join((random.choice(sample_letters)
+                            for i in range(length)))
+
+    return password
+
+
 def _retrieve_user(name, realm=None, **kwargs):
     con = get_connection()
     try: