In the admin UI you can set the complexity required for passwords:

The algorithm used to determine the strength does not use simple minimum requirements of the password, like for example at least one upper case, one digit, 7 characters etc.

Instead it computes scores for a number of categories like upper vs lower case, digits, special characters, length etc.

Depending on the combination of these scores, it classifies it into a category. A bad score in one category might be compensated with a very good score in another category, e.g. no upper case character by 3 special characters.