zxcvbn (https://dl.dropboxusercontent.com/u/209/zxcvbn/test/index.ht...) gives it a score of 4/4 and an entropy of 10^20, meaning it would take centuries to hack at 10B a second. I think this is a slight overstatement of the security, because it's probably more along the lines of 50502^30 which is closer to 10^12. And this would be a legal password (but banned by the bullshit password rule).
I feel like the solution to everything in this thread is just to use zxcvbn and stop with the insane rules for things. In your two cases: the bank would disallow passwords below some limit while the blog would just show you a warning (in case you were ignorant of hacking enough to know that "aaaaaaaa" wasn't a good password), but let you use your awful password to spare you from having to remember it.
I feel like the solution to everything in this thread is just to use zxcvbn and stop with the insane rules for things. In your two cases: the bank would disallow passwords below some limit while the blog would just show you a warning (in case you were ignorant of hacking enough to know that "aaaaaaaa" wasn't a good password), but let you use your awful password to spare you from having to remember it.