Not parent poster, but generating a sequence of randomized dictionary words will work provided the answer-field isn't too small and none of them are too hard to spell.
This question reminds me of another brain-dead and rather incredible password policy I encountered. I was trying to set a password for United Healthcare. Their password requirements were shown, and I was complying with all of them. Yet it was failing over and over.
I finally called them to report the problem, and the first question out of the rep's mouth was, "Does your password contain swear words?"
I shit you not, UHC secretly audits your passwords for "swear words." Doing so is bad enough, but not mentioning it in the rules is doubly offensive for deliberately stealing users' time.