There are tons of discussions about validation rules if you use the search functionality here 🙂 first path lead me to this discussion: https://discuss.flarum.org/d/26815-minimum-password-length/2
I won't touch on the topic of passwords and why the default validation rule exists, just know that they exist for a reason.
Edit: Alternatively, you can use OAuth providers using FoF OAuth for an alternative means of user authentication.
Edit 2: This might also be an extension that could meet your needs: https://discuss.flarum.org/d/22606-passwordless-login
