Hey guys n gals, does anyone know of a program that is similar to LC5 that will allow someone to scan there internal network for weak passwords with being able to create some sort of ruleset to define "weak".

Essentially, this user I have wants to:

1. Have a min and max length password
2. Have no special characters in the 1st and last character
3. Contains no dictionary words in the password

They are trying to do a system audit on their machines to determine who needs to change their passwords. Its a govt. client, so that probably explains the weird rules.