This adds a StrengthValidator that measures the amount of entropy in a password, and refuses those which don't meet a threshold (set at 3.0 by default).
>>> StrengthValidator().calculate_shannon_entropy('password')
2.75
>>> StrengthValidator().calculate_shannon_entropy('Tr0ub4dor&3')
3.277613436819116
>>> StrengthValidator().calculate_shannon_entropy('correct horse battery staple')
3.494680368408909I've enabled this validator instead of the MinLengthValidator that Django uses by default. (The rest of Django's default validators are still used.)