Comment by mikeash

The thing is, how many sites are going to have developers clued-up enough to incorporate this markup, but not clued-up enough to avoid stupid password policies that break password managers?

We only run into trouble because sites incorporate silly requirements like "you must have at least one symbol, even if your password is 48 characters long." Fixing that really seems like the better and more attainable goal.