Shannon Entropy is a poor measure of password strength. Guessing Entropy is better but says nothing about a particular password. I propose formal definition of password strength.
Jeffrey Goldberg, aka jpgoldberg, is Chief Defender Against the Dark Arts for AgileBits, the makers of 1Password, where he helps craft and writes about the security design of 1Password. Previously, as mail/sysadmin at a university, he thought passwords would go away "in three to five years". Contrary to popular belief, he is *not* a Sith lord in disguise.