Default password requirement is simply that the password be 8 characters long.

Password requirements can be increased to Medium, Strong, or Excellent. If you require higher password strength, users will need to add complexity to their passwords until they grade at the higher rating you have set as the requirement.

strongDM uses the zxcvbn password strength method to test your password strength. This method discards arbitrary rules about characters and length, but instead analyzes each suggested password and gives it a strength rating based on a number of factors including things such as length, dictionary checking, password matching, etc.

In most cases, adding length or complexity of characters will increase the password strength as needed.

Set up MFA with Duo
General SSO Guide