1. The client VPN password depends on what directory the client is authenticating against - i.e. AD or the Meraki Cloud. If you are storing user names / passwords in the cloud than you have the option to make the passwords for those users strong
2. By using Active Directory as the user directory that accounts will authenticate against, passwords and the policy around them, along with automated user creation / deletion amongst other benefits can be controlled by the directory servers.