You can enforce requirements such as minimum length, mandatory character types, and an expiration period, for user passwords.
Set password requirements for an individual when you create a Replication Server user, or at the server level for all users.
Use the rs_dictionary RSSD system table to store character combinations that are not allowed in passwords when you set the simple_passwords_allowed parameter to true.
See Password Configuration Options for All Users in the Replication Server Administration Guide Volume 1.