=== modified file 'app/models/user.rb'
--- app/models/user.rb	2011-11-30 12:10:37 +0000
+++ app/models/user.rb	2011-11-30 16:45:19 +0000
@@ -16,6 +16,7 @@
 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 
 require "digest/sha1"
+require "password"
 
 class User < Principal
 
@@ -375,10 +376,16 @@
   protected
   
   def validate
-    # Password length validation based on setting
-    if !password.nil? && password.size < Setting.password_min_length.to_i
-      errors.add(:password, :too_short, :count => Setting.password_min_length.to_i)
+    if !password.nil?
+      if password.size < Setting.password_min_length.to_i
+        errors.add(:password, :too_short, :count => Setting.password_min_length.to_i)
+      else
+        pw = Password.new(password)
+        pw.check
+      end
     end
+  rescue Password::WeakPassword => reason
+    errors.add(:password, :weak, :reason => reason)
   end
   
   private
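Review bot: The method-level `rescue Password::WeakPassword` at the end of `validate` makes the strength check an implicit last step, so any validation later added after the `if !password.nil?` block would be skipped whenever `pw.check` raises. Scoping the rescue to the call itself avoids that, as sketched below. The exception object is passed as `:reason`; using `reason.message` makes it explicit that only the message text is interpolated into the `weak` translation. Only `Password::WeakPassword` is handled, so any other error raised by the library (presumably something like an unavailable dictionary) would propagate out of validation and fail the save; confirm that this is the intended failure mode rather than silently accepting the password.

```ruby
      else
        # Keep the rescue local so validations added later still run.
        begin
          Password.new(password).check
        rescue Password::WeakPassword => reason
          errors.add(:password, :weak, :reason => reason.message)
        end
      # … unchanged: closing `end`s of the if/else and of validate …
```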

=== modified file 'config/locales/en.yml'
--- config/locales/en.yml	2011-11-30 12:10:37 +0000
+++ config/locales/en.yml	2011-11-30 15:21:41 +0000
@@ -105,6 +105,7 @@
         blank: "can't be blank"
         too_long: "is too long (maximum is {{count}} characters)"
         too_short: "is too short (minimum is {{count}} characters)"
+        weak: "unacceptably weak: {{reason}}"
         wrong_length: "is the wrong length (should be {{count}} characters)"
         taken: "has already been taken"
         not_a_number: "is not a number"

