I caught up with Paul at the Sydney Architect Council last week. Anyway, Paul has been a busy guy and has release a Password Strength Extender control as part of the Atlas Control Toolkit (CodePlex site). This is pretty good stuff, quite a few sites are starting to give feedback about the strength of passwords that users are entering.
The implementation takes a set of properties which define the minimum complexity requirements like the mimum number of special characters. I actually prefer passphrases to passwords, especially when the password is something that I will have to enter without having to refer to Password Minder.
One thing about this component – after reading the code, I don’t think that my 30+ character passphrases would get higher than 75% password strength – yet I think that is plenty strong enough.