The prevalence of the passwords requiring uppercase, lowercase, punctuation etc is ridiculous as more and more sites and servers I use are requiring it.
I'm going to make an assumption here and I bet I'm I'm right. (I have NO idea!)
The VAST majority of security breaches are due to poorly patched software / bugs / social engineering / angry staff etc.
I'd wager very very few password hacks are due to people having the password
"momspajamas2212" instead of "M0mspaJAMas22!2"
I will say I'm finding the only way to still remember my passwords on sites now is to start using pattern based passwords, example "$RFV%TGB4rfv5tgb" (try typing that) - it's not ideal but I can remember the bastard thing. (I hope this helps someone else out, I gave it out to someone recently and they adopted something similar pretty much instantly and yes, I know you could add patterns to the dictionary)