At work I once proposed a solution to address 6. Basically we want to accept either a short password with many different character classes, or a long one with just lower case (or something similar). We tried a prototype where we used zlib to compress the password and measure the compressed length as a proxy for its complexity. I really liked this solution but we didn't adopt it because it's literally unexplainable to normal users.