similar to #13070 (show a strength meter in the browser)
At the moment the only limitations for Passwords in Matomo is that it needs to be from 6 to 200 characters long.
But for organizations who have many employees it might be useful to disallow really weak passwords (123456).
Maybe for the beginning it would be enough to make the
PASSWORD_MIN_LENGTH configurable (to avoid having overly complex password rules that force people to write down their passwords)
In addition it may be an idea for an plugin that checks all password hashes against https://haveibeenpwned.com/Passwords and disallows ones that are over a set threshold to avoid trivial passwords.