Your concern about restricting users from using generic passwords for Gmail accounts is valid for enhancing security. While Google doesn't currently offer this feature for admins, there are proactive steps users can take.
Encouraging users to use a strong (URL Removed by Staff) can help create complex and unique passwords that are harder for spammers to guess.
Additionally, educating users about the importance of password security and recommending best practices, such as avoiding easily guessable passwords and regularly updating passwords, can further enhance account security.

Hi @harriscordan I would politely say that that the concepts you are describing are antiquated in cybersecurity.  Allow me to explain, please.

A few years ago now, NIST updated their digital identity guidelines:

#1 Get rid of password complexity and instead use length - NIST - Digital Identity Guidelines, SP 800-63B Section 5.1.1.2 paragraph 9, “recommends against the use of composition rules (e.g., requiring lower-case, upper-case, digits, and/or special characters) for memorized secrets. These rules provide less benefit than might be expected…”

KAM Tip #1 - use Passphrases not passwords - See https://preshing.com/20110811/xkcd-password-generator/ for some great information

#2 Don’t require periodic password changes - “Verifiers SHOULD NOT require memorized secrets to be changed arbitrarily (e.g., periodically). However, verifiers SHALL force a change if there is evidence of compromise of the authenticator.”, SP 800-63B Section 5.1.1.2 paragraph 9

KAM Tip #2 is that anything you have to write down is less secure.  A passphrase like a lyric from your favorite song that is 30 characters long is significantly more secure than a 12 digit character "complex" password AND it's much easier to remember a passphrase.

KAM Tip #3 Embrace MFA like Google's 2SV.  That will stop some 99.9999999% of attacks.

Regards,

KAM