I enforce strong passwords across my WordPress sites using ithemes security; however one of my sites runs Woocommerce; and allows users to create an account. There is seemingly no way that I can prevent users from using '123' or 'password' etc as a password. I tried generating the password but they can still log in and change the password and the change isn't filtered by weak/strong either.
Is there any way to do this, or am I being paranoid thinking that a customer account is something that could be used to hack the site.