In an ideal import scenario, we only have the password hash. This means we can’t validate it during import because we don’t know what the plain text version of the password is.
At login time, you have an option to re-validate the password to see if it meets the current validation rules. If you enable this rule, then the user will be forced to change their password.
If you don’t enable this rule, nothing will happen and they can continue to use this password. The next time they attempt to change their password, it will be validated against the current validation rules.
In Tenants > Edit > Password > Password settings you’ll see "Re-validate on login". This toggle will force user’s to change their password during login if it does not meet the validation settings.