Two-three-four words password is crap, if you use the words at their original spelling. Also, with words you would still reuse the password that is worse than having a weak one. Use a password manager and generate random ones at least 16 characters long.
I do agree though that many developers pick the password policy that is too strong for their app. Nobody would even try to hack them, but they still make the user suffer.