Troy Hunt has published one such analysis, and it's a fascinating read, full of real, verifiable stats about the problems users have managing their passwords (for example, 67% of users with accounts on both Sony and Gawker used the same password for both).
In short, half of the passwords had only one character type and nine out of ten of those where all lowercase. But the really startling bit is the use of non-alphanumeric or characters:A brief Sony password analysis (via Some Bits) Discuss Next post
Yep, less than 1% of passwords contained a non-alphanumeric character. Interestingly, this also reconciles with the analysis done on the Gawker database a little while back.