This is only a guidance and users can use strong or weak passwords based on their preferences. You can also force a specific password strength level. This will force the users to use a password of the given strength level. Users will not be able to set/update the password in case minimum strength level is not matched.
Password strength level is disabled by default, allowing users to set any password they wish. You can enable password strength level by using UPME Settings -> Registration Options -> Password Strength Level setting. You can select Weak, Medium or Strong as the minimum required password strength level. Then users will require to set a password of the givven strength level or higher. Following screenshot previews the setting and available strength level options.