Check out this video from the Wall Street Journal that describes why common password rules such as forcing certain character sets on people is actually making the passwords less secure.
Know of a site that frustrated you because of its stupid password rules? Add it here.
We are also adamantly against requiring questions and answers to permit users to reset their passwords. We all know that people reuse these questions and answers all over the internet. A security breach on one site could compromise many sites. Don’t give real or consistent answers to these questions! If you are permitted to make up your own questions, do that, and make them unique every time. You can use metaPassword to answer the questions! Simply enter the entire question into the Site Name to get a unique “answer” every time!