Regexp is a powerful tool, and can be used to check a password for it's complexity. Look around here:
http://www.zorched.net/2009/05/08/password-strength-validation-with-regular-expressions/[
^]. As you did not said anything about the password policy. What you mean by "special characters". What about the other character classes, and password length? Thus you have to fine-tune the expression from the above link.
Let's suppose, that the special character set contains only the "@". The lookahead pattern that check for
one and only one of it looks like this:
^(?=([^@]*[@][^@]*$)).*$
You can use this approach to extend the lookahead sequence presented on the page from above.