Please don’t be a nanny by forcing 10 character passwords, or at least provide the ability to turn it off. Not everyone is paranoid, and not everyone requires that level of security.
And, if you insist, at least follow the NIST guidelines, which call for minimum 8 characters (“SHALL be at least 8 characters in length” … “No other complexity requirements for memorized secrets SHOULD be imposed.”).