IME people choose weak passwords because they need to be able to remember them and technical people seem to forget this. If they're complicated or too long then the forgotten password option becomes how they log into things, making the password essentially useless.

I'm not sure what the answer is, but longer and more complicated passwords aren't.