We will use the plugin Force Strong Passwords. This plugin duplicates the WordPress JavaScript password strength check in PHP, and forces users with executive powers to use a strong password.
So basically any user that has the capability to publish posts, upload files, or edit published posts must have a strong password. This means all user roles except for Contributor and Subscriber.
All you have to do is install and activate the plugin. It will take care of the rest.