This is the best social engineering attack I've ever seen.
edit: ...Unless it's clever enough to only be evil some fraction of the time. I didn't actually check through the code.
Let's say that one of my passwords is n0TMyR34lP4sSw0rD, and I enter that into the site. So what? Now you have to guess my username on a site that I might have an account on. Not to mention weeding through all the garbage from people entering in random passwords just to see what the results are.
I understand that being proactive about security is a good thing, but I really think the potential of this being successfully used maliciously is fairly non-existent.
This made me smile
I was way too paranoid to type in my real password. As I've now come to realise was everyone else.
I think the passwords you have on different services show how valuable that service is to you. For me, my Google Account is the most important account i have. It has a lot of information about me, and every other service I'm using. If anyone gets my Google Account, they've basically got my whole online identity. So because of that I try my best to make it safe. On the other hand, my Facebook/Twitter account have nothing of value, so while I wouldn't like them to get hacked, I don't feel the need to have a 28 character password.
Obviously you shouldn't put your actual password there, just use the same pattern.
If you want to test 'keh@8R2', replace it with something like 'mnk$6D3'
Disclaimer: I've never, to my knowledge, eaten an aardvark.
Also, this is not my password anywhere.