by thaumaturgy 6194 days ago
The goal regardless is to not provide a visual clue to an eavesdropper which they could use to discover your password.

I actually don't think the idea of this is all that terrible, just that the implementation isn't right. For example, I can't think of a reason why the representation needs to be unique -- the user would only need a clue if their password is the wrong length or if they likely have a typo. Also, the specific representation used is too resource-intensive; three colored boxes would work just as well.

Still, even if the system returned hundreds of possible passwords for a given hash, and even if it wasn't resource-intensive, it's still providing clues to a third party, which you don't generally want to do. You're still dramatically decreasing their search space.

EDIT: On second thought, there might be a way to make this a little less horrible. If you assume that the user will generally be very close to correct in typing their password, then you could tune a function that would produce dramatically different results for similar passwords, and similar results for dramatically different passwords -- a kind of inverted hash function. Such a function probably already exists, I'm just not familiar with it. If you did that, and completely obscured what the user was typing, so that an eavesdropper couldn't tell the length of the password, then you might be increasing the search space compared to simply displaying asterisks.
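To put a number on the "decreasing their search space" point, here is an added example (not the commenter's code) that builds a toy visual hash of three coloured boxes from a small palette and measures how much an onlooker who saw the picture would learn; the SHA-256 mapping, the palette size and the candidate set are all constructed assumptions.

```python
import hashlib
import math
from collections import Counter
from itertools import product
from string import ascii_lowercase


def visual_hash(password: str, boxes: int = 3, palette: int = 8) -> tuple:
    """Constructed toy scheme: derive `boxes` coloured boxes from a password.
    Each box is one byte of SHA-256 reduced to one of `palette` colours."""
    digest = hashlib.sha256(password.encode("utf-8")).digest()
    return tuple(digest[i] % palette for i in range(boxes))


def max_leak_bits(boxes: int, palette: int) -> float:
    """Upper bound on what the picture can reveal: it takes at most
    palette**boxes distinct values, so at most this many bits."""
    return boxes * math.log2(palette)


def leak_stats(candidates, boxes: int = 3, palette: int = 8) -> dict:
    """Group a candidate list by the picture each entry would produce.
    Someone who saw the picture only needs the matching bucket, so the
    remaining work is bucket size rather than the whole list."""
    buckets = Counter(visual_hash(p, boxes, palette) for p in candidates)
    total = len(candidates)
    # Bucket size a random candidate lands in, weighted by bucket size.
    expected_bucket = sum(n * n for n in buckets.values()) / total
    return {
        "total": total,
        "buckets": len(buckets),
        "largest_bucket": max(buckets.values()),
        "expected_bucket": expected_bucket,
        "bits_leaked": math.log2(total / expected_bucket),
    }


def all_lowercase(length: int) -> list:
    """Constructed candidate set: every lowercase string of the given length."""
    return ["".join(t) for t in product(ascii_lowercase, repeat=length)]


if __name__ == "__main__":
    stats = leak_stats(all_lowercase(3))  # 17,576 candidates
    print(stats)
    print("bound:", max_leak_bits(3, 8), "bits")
```

With three boxes of eight colours the picture can never leak more than 9 bits, but on a candidate set of 17,576 entries that is almost all of the entropy the password had, which is the commenter's objection in concrete form.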