I'm surprised this isn't part of WP core. There are a few plugins which address the problem, at least one of which admits to being susceptible to being bypassed by a knowledgeable hacker. It ought to be possible to see how strong a user's password is from the dashboard.