adjust password complexity check failed string to contain the actual requirements

The sign-up plugin can now be configured with dynamic min and max password lengths. However the complexity failed string has hardcoded values. This should be changed to contain the actual values.

Also the string should contain the correct wording to describe the "simple" password complexity check.