Seems good, thanks for providing it.
But in a mutlisite, each non-site admin can change the login settings. There should be an option on the main site admin to be able to prevent this.
But this is a minor point.
The addin should be incorporated into the core WordPress. Users will pick weak passwords and be sloppy with them.