By default the memebership provider in .net restricts you to have password of length 7(atleast) and of which one character must be alpha-numeric.
Although there many ways by which you can change that. You can check Changing password policy setting in membership provider.
Using minimum length and non-alphanumeric character
<membership ...>
<providers>
<add minRequiredPasswordLength=10 minRequiredNonalphanumericCharacters=2 .../>
</providers>
</membership>
Using regular expression
<membership ...>
<providers>
<add passwordStrengthRegularExpression=
"^(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,10}$" .../>
</providers>
</membership>
The above code is from the same site.