Why do we need strong passwords?
Why on earth is it that ANY system today allows enough password attemps that passwords need to be 'strong' to be secure. It is mostly trivial to implement increasing lockout times depending on number of failed attempts, making any brute-force attack impractical.
Insistance on users having 'strong' passwords is a major PITA just means most people can't remember them, or can;t use things they can remember easily, so write them down.