Thanks for the feedback.  I had read that MD5 collisions were becoming more common, but hadn't realized that NIST had declared it unsecure.  SHA-256 and SHA-512 are good alternatives for now.

The .NET code for validation can be as simple as a FOR...NEXT loop comparing your string character by character, a Regular Expression or it can take advantage of the ASP Validators.  Here's a very simple example of a FOR...NEXT loop to validate a username consists of only the characters "A" - "Z" and "a" - "z", as I alluded to:

Function ValidUser(s As String) As Boolean

    Dim f As Boolean = True

    s = s.ToUpper()

    For i = 0 To s.Length - 1

        If (s.Substring(i, 1) < "A" OrElse s.Substring(i, 1) > "Z") Then

            f = False

        EndIf

    Next

End Function

.NET has several built-in validators that can be used also to validate input to various degrees; I assume you're talking about the RequiredFieldValidator in your post.  To use, just drag the RequiredFieldValidator onto the form next to the Password text box, and change the properties as follows:

1.  Set .ControlToValidate to Password.

2.  Set the .Text property to a descriptive message, such as "Password Required".

T-SQL validation could also be performed using a loop, as alluded to.  Here's a UDF that can be called from within a SQL SP:

CREATE FUNCTION dbo.udf_ValidUserName(@s VARCHAR(255))

RETURNS CHAR(1)

AS

BEGIN

    DECLARE @i INTEGER

    SET @i = 1

    DECLARE @result CHAR(1)

    SET @result = 'T'

    SET @s-2 = UPPER(@s)

    WHILE @i <= LEN(@s)

    BEGIN

        IF (SUBSTRING(@s, @i, 1) < 'A' OR

            SUBSTRING(@s, @i, 1) > 'Z')

        BEGIN

            SET @result = 'F'

        END

        SET @i = @i + 1

    END

    RETURN @result

END

Thanks!