Comment 1 for bug 1625361

I thought this was a design decision. An admin is most likely setting a temporary password for another user, or (in my case) setting up a test password for dev purposes. In those cases, it's more convenient not to have the password restrictions in place.

Although, I'd be happy if we added the password restrictions everywhere, *but* added a config-defaults.php setting to optionally disable them. (Moodle has this. You can put "$CFG->passwordpolicy=0;" in your config.php, and it will disable password restrictions.)