Force users to imagine more complex passwords / ease of memorizing them

This xkcd comic illustrates quite well that the only thing that concerns you is the length of the password:

enter the description of the image here

This quote develops it:

After 20 years of efforts, we have successfully trained everyone in the use of
Passwords hard to remember for humans, but easy for computers
to guess.

So you have to be particularly careful that the passwords are not limited in length (I've come across quite a few websites where the maximum length was 8 characters!).

Forcing users to do anything is rarely a good idea. It may be best to allow all passwords, but to display a "Password Strength" value as a direct return after entering the password. You can calculate this force according to the length and / or special characters. The value could be represented by a color, eg. red for weak, orange for strong and green for very strong.

Personally, I do not like websites forcing me to choose a password composed of different components (numbers, different case, special characters). Most of the time, these are the exact websites that receive a "password reset request" on my next visit.

l5r – Where are the rules for memorizing spells?

I heard that Shugenja could memorize spells, or at least be able to do so in editions prior to the 4th edition. I did not find the relevant rules yet in the 4th edition, so I wonder:

Can Shugenja still learn to cast spells without scrolls, and if so, where are the rules?