Wow, you're trying (and I appreciate that) but you really need to think this through a lot harder!
1) Password "guessing" isn't done by a human who will get bored. It's automated, and *extremely* fast. Let's say I can submit 10 password attempts per second (practically speaking, even a shitty home connection can probably manage closer to 50; a botnet could manage tens of thousands easily if the login server is up to it). Just because your password isn't in the 10 most commonly used ones doesn't mean it isn't in the 600 most commonly used ones. Oh no, instead of one second, it took my automated proxy a full minute to break into your account! As if that's a meaningful delay for a targeted attack...
2) How the heck is the user going to "run out" of strong passwords? I mean, even if the site prohibits re-using the old password after a reset, there are a quite literally infinite number of possible passwords. I'll grant that if you kept this attack up until the heat death of the universe, it would eventually reach the point where my "password" might need to longer than a typical sentence in English, but whoop-de-do. You could keep this kind of attack up all year without running the user out of dictionary words, so long as they aren't logging in 20 times a day! You couldn't run somebody out of pairs of such words in a natural human lifetime. That's ignoring case, and using the stupidest possible password generation scheme (choose the next word [pair] from the dictionary). A decent password scheme would be vastly more secure.
3) This user notes that somebody is *constantly* trying to brute force their password. Let's say you've managed to keep it up for months without getting your IP blocked or getting arrested under the CFAA or some such thing. The target of the attack has run through dozens of passwords. Why the hell would they decide to use a really weak one (knowing there's a constant attack going on) for their next one? Wouldn't it make a lot more sense at that point to hammer on the keyboard for five seconds when asked to create their password, knowing full well they will need to reset it next time they want to log in anyhow, due to that asshole wasting their time forcing resets constantly?
Yeah, you *really* didn't think about that one very hard, did you?