I get why you'd want to check for weak or common passwords, but why not just require passwords to contain numbers/special characters? It may be a pain in the butt, but it takes users' lack of care for security out of the equation.