To be able to change the password policy requirements for different roles (just the basic roles of WordPress will do).
So if the user is admin: I want 12 length and very strong, but if I have a subscibers site with no harm, 8 and medium could do, but just for subscribes.
And maybe have another for authors, Editors and a default one when the role is not one of those.
That would be great to be able to lower the security for some users but not for the whole website.
Based on user role: Option to force users to change password after first login and maybe extend that to have periodic password changes.