Transmitting my password to a site to see how strong it is makes my eye twitch.
This is the most intelligent thing I've ever seen about modern passwords.
There's some good counters to this, though. A common variation on a dictionary attack will get the second in about 9 days (still longer than brute forcing the complex password), but will never solve the first. Tables specifically designed for multiple dictionary words can get that down to a few hours, or even down to minutes if you can narrow the word list (say, 7 letter maximum and common nouns only - which would crack the xkcd example but fail against many others), provided of course you're reasonably certain when you start that this type of password is in use.
The real problem, though, is that actually breaking passwords is very, very rare. On the order of single digit percents of actual security breaches. Even a password that can be cracked in a matter of seconds is unlikely to be broken before password policies automatically lock the account out entirely.
The vast majority of consumer-level security breaches are captured passwords - keyloggers and phishing scams have been the primary means of stealing bank accounts since the Windows 95 days, and they've exploded into the MMO world to the point that gold farmers almost never actually farm gold, but harvest it from accounts they took by simply capturing passwords.
A 680 character password that requires a second keyboard and special control codes to input might as well be "aaaaaa" if a keylogger is involved.