Looking to block weak passwords during login

Hello Jason and all. This plugin looks great! So much simpler than all those overweight security plugins out there.

There’s one thing I don’t see that I’m looking for and am curious of your thoughts on. I’m looking for a code snippet ( or a slim plugin ) to block all logins when the password is considered weak, requiring they reset their password before they can authenticate to the site.

Code-wise, I’m looking at returning false to filter send_auth_cookies when insecure ( see core function wp_set_auth_cookie ), and will have to research where all that function is called where we could test the password.