Technical controls are used to manage the quality of passwords. This will include one of the following:
Using multi-factor authentication (see below)
A minimum password length of at least 8 characters, with no maximum length restrictions and use automatic blocking of common passwords using a deny list.