>> Could we get >> Brion to also run this tool against future promoted users (have it >> continuously monitor the bureaucrat log)? > Seems like overkill. If crats simply ask successful candidates to confirm that they have a compliant password *before* sysopping them, then the problem is solved.