In this screenshot I am making a new user named bob with a short, non-complex password. To get here I right-clicked on the Windows button, went to Computer Management, found Users under Local Users and Groups under System Tools, and right-clicked again to create a new user.
In this screenshot I am opening up the Run box for Windows. To do this I held the Windows key and pressed the letter R. I typed in the command "gpedit.msc". This command opens the Group Policy Editor.
In this screenshot I am showing the default policy for passwords. To get here you find Password Policy under Account Policies under Security Settings under Windows Settings under Computer Configuration. You can see that there is no complexity requirement of any kind. The password can be as simple as you would like. Having no password rules makes for a very unsecured account and makes it much easier for hackers to get your password.
In this screenshot I have updated the settings to make them more complex and secure. I turned on the rule that makes passwords meet complexity requirements, I set a minimum password length, I made passwords need to be changed every 90 days, and I set it so that no one can reuse any of the last 4 passwords they have used for their account.
In this screenshot it is showing the effects of my editing of the policy. I tried to create a new user Bob. I tried to use the same old non-complex password as before and was stopped in my tracks. This shows the policy was enforced and complex passwords will be needed for any user created.
In this section I changed the password policy for new users being created on the local Windows 10 VM. Before my changes there were no complex password rules and anyone could make their password whatever they wanted, and that is not good security practice. To harden the device I implemented some changes like minimum length and maximum password age. It is good security practice in any setting to make passwords complex and to have standardized rules for their creation.
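The policy set through gpedit.msc above can also be checked from the command line. This is an added example, not part of the original write-up: it exports the local security policy with `secedit` and compares the four password settings against the values described above. The minimum length of 12 is an assumption, since the write-up does not state the value chosen, and the export file name is a placeholder.

```powershell
# Added example: audit the local password policy from an elevated PowerShell prompt.
# secedit needs administrator rights to export the security policy.
$MinLength = 12   # assumed value; the write-up does not say which length was set

# Export the account/security policy area to a temporary INF file (placeholder name).
$cfg = Join-Path $env:TEMP 'secpol-export.inf'
secedit /export /cfg $cfg /areas SECURITYPOLICY | Out-Null

# Collect "Key = Value" pairs from the [System Access] section of the export.
$policy = @{}
$inSection = $false
foreach ($line in Get-Content $cfg) {
    if ($line -match '^\[(.+)\]$') {
        $inSection = ($Matches[1] -eq 'System Access')
        continue
    }
    if ($inSection -and $line -match '^\s*(\w+)\s*=\s*(.+?)\s*$') {
        $policy[$Matches[1]] = $Matches[2]
    }
}
Remove-Item $cfg -ErrorAction SilentlyContinue

# One check per setting changed in the walkthrough.
# The age check requires 1 to 90 so that "never expires" (0 or -1) fails.
$checks = @(
    @{ Key = 'PasswordComplexity';    Want = 'enabled (1)';          Ok = { param($v) $v -eq 1 } }
    @{ Key = 'MinimumPasswordLength'; Want = "at least $MinLength";  Ok = { param($v) $v -ge $MinLength } }
    @{ Key = 'MaximumPasswordAge';    Want = '1 to 90 days';         Ok = { param($v) $v -ge 1 -and $v -le 90 } }
    @{ Key = 'PasswordHistorySize';   Want = 'at least 4 remembered'; Ok = { param($v) $v -ge 4 } }
)

$results = foreach ($c in $checks) {
    $raw   = $policy[$c.Key]
    $value = if ($null -ne $raw) { [int]$raw } else { $null }
    [pscustomobject]@{
        Setting = $c.Key
        Current = $raw
        Wanted  = $c.Want
        Pass    = ($null -ne $value) -and (& $c.Ok $value)
    }
}

$results | Format-Table -AutoSize
```

On a machine still at the default policy shown in the third screenshot, the `PasswordComplexity` row reports `Pass = False`; after the changes it reports `True`.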