The Ping Identity Directory Server provides a get password quality requirements extended operation that allows clients to programmatically retrieve the conditions that a new password must satisfy so that they can be displayed to the user, and so the client can potentially perform some client-side validation on a proposed password. There’s also a password validation details control that makes it possible to see which requirements were satisfied on a password change attempt. I write about these features on my personal blog.