I really don't understand. The passwords are created by the "system administrator" and not by the user, sow they are not "common" to the user. And if you use rules for the password they can't be a user common password because every site uses different rules. The passwords are used to configure any email or ftp program that store it and not for authentication in any page. Many of the users use it one time to configure the program and don't know how to change the password. They just use the one the administrator give theme. This is the problem of don't remember the password because they don't use it every day, only when they have problems with some program and need to reconfigure it again. I have a client that use ftp for communications between 4 stores. If we ask me for the password because we need to reconfigure one store I will give him a new one and he have to change the configuration on all the stores. A solution can be an option to use user defined password or system passwords and in this case the passwords are created by the system and can't be changed by the user. This way you never have common user passwords.
This is my idea from my experience and I my last replay for this