Simple suggestions for implementing passwords correctly

The usability of web forms is a subject that has been discussed extensively, and one which is supported by a large body of literature (1, 2, 3, 4). The consensus is that getting web forms right is much harder that it may initially seem. One aspect that particularly annoys me is the way most developers implement passwords and their validation. Despite the emergence of single sign-on systems like OpenID, most users...