The current password security level (complexity) for "Stash Internal Directory" is extremely unsafe and is inappropriate for the present time.
As an administrator, I want to set the following parameters to control the password policy:

• Minimum length (int, default 8)
• Must contain Uppercase Letters (bool)
• Must contain Lowercase Letters (bool)
• Must contain at least a Number (bool)
• Must contain at least a Symbol (bool)

Workaround:

Use external user directories such as Microsoft Active Directory or Atlassian Crowd (which allows defining a Password Regex).