i was reading an article in wpmudev blog And i have a doubt

Hi i was reading an article in wpmudev blog
And i have a doubt about the security of my site.
I was reading that all my users must have a strong password as me as admistrator of the site.
And even if they are just suscribers? because if they are suscribers and i receive and attack through one of them the access is limited, isnt it?

I'am right or not?
Who do i have to do extra than advise them to create a strong password in order to mantain safe my site?