Companies in the EU must have password policies that are compliant with the General Data Protection Regulation (GDPR) Even if your company isn’t based in EU, these requirements apply if you have employees or customers residing in EU or customers purchasing there. A good password needs to be difficult to hack, or guess, or use a password list to block compromised passwords. Multi-factor authentication is one of the best ways to improve your password security is to use MFA authentication. Use a 3rd party tool to help your password policy reach your end-user directory.
Source: https://thehackernews.com/2021/06/strengthen-your-password-policy-with.html