As far as I know it is not possible to define a password policy (like 'password needs to have at least one uppercase letter, one lowercase letter, one number') when using local authentication.
Of course you can configure the ASA to use Radius or LDAP authentication, and define a password policy on the Radius/LDAP server. E.g. if you have a Windows AD server you can use that as LDAP server.
hth
Herbert