in addition to all of those, there are still plenty of ways to create weak passwords with at least 8 characters. Dictionary words, 12345678, and so on.
You can make a smarter password strength meter, like zxcvbn[1], but its tricky and depends on many heuristics so I don't think it would be ideal for a password standard.
You can make a smarter password strength meter, like zxcvbn[1], but its tricky and depends on many heuristics so I don't think it would be ideal for a password standard.
[1] https://github.com/dropbox/zxcvbn