This is just a quick post to nudge you towards a little plugin I wrote for Known which enforces a minimum password strength for user passwords.
The plugin works by calculating the entropy of the password based on NIST recommendations, and rejecting passwords where the entropy is too low.
By default, the minimum entropy is 44, however this can be changed through a configuration setting.
Anyway, give it a kick about!
Image “Password Strength” by XKCD