Like SirDice said, making restrictions on what kind of passwords that could be used is also a good step into more secure passwords.