[promiseofbeans]

I don't see any issue with this? It makes sense to keep the accounts secure, and very few people will be coming up with passwords by hand; they'll be using the auto-generated ones from their browser (or from their 3rd-party password manager for the more HN-y types).

[senorrib]

Very few?! I really doubt that. Most people use their pet password everywhere.

[aboodman]

I typically let Chrome suggest one, but that menu item wasn't available here (because I was not inside Chrome, obviously).

These restrictions do not add security in practice. People just add `!` or `1` as necessary to make the thing shut up. All it does is make signup harder.