users: Respect `enforcing` in `/etc/security/pwquality.conf`
Gnome Control Center uses libpwquality to check if a password is
secure enough. The library has a file to configure the rules applied.
The enforcing key in that configuration file specifies whether the
requirement is strictly enforced rather than a recommendation, as I
understand. Given the password validation is already dependent on that
configuration file, it probably makes sense to respect this setting.
The previous behavior was to always "enforce".