by ALittleLight 2208 days ago
You can check complexity or username reuse client side. You could even block the n most common passwords clientside if you wanted to.

But I could just ignore/compromise/modify your client and submit whatever I liked to the server.
What's the motivation of someone able to do that and interested in doing it?
Primarily to get around arbitrary password rules that do not enhance the security of the password but serve to weaken it, e.g. only use special characters from this list: !@#, or sorry your password is TOO LONG (?!)
That's true, but only to a point. You can actually server-side check username/password equality, and a not overly long list of other unwanted passwords. You just have to check each one.
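The server-side rules the last reply describes, as an added example that is not code from anyone in the thread: the server ignores whatever the client claims to have validated and re-runs the policy itself, rejecting a password equal to the username and any password on a short blocklist, while imposing no allowed-character list and no short maximum length. The blocklist entries, the minimum length of 12 and the generous cap of 1024 characters are constructed assumptions, not values from the thread.

```python
"""Server-side password policy check (added example, not from the thread).

A modified client can submit anything, so the client-side check is only a
convenience. The server is the authoritative gatekeeper and re-runs the
rules: not equal to the username, not on a small blocklist of unwanted
passwords, and a minimum length. There is deliberately no list of permitted
special characters and no short maximum length, since those weaken
passwords rather than strengthen them.
"""
import unicodedata

# Constructed blocklist of unwanted passwords. A real deployment would load a
# larger list (for example, known-breached passwords) into the same set;
# membership is O(1), so checking each candidate stays cheap.
BLOCKLIST = frozenset({
    "password", "123456", "qwerty", "letmein", "welcome", "admin",
})

MIN_LENGTH = 12      # assumption: minimum length the policy enforces
MAX_LENGTH = 1024    # assumption: generous cap only to bound hashing cost


def normalize(value: str) -> str:
    """NFKC-normalize and trim so visually identical strings compare equal."""
    return unicodedata.normalize("NFKC", value).strip()


def validate_password(username: str, password: str, blocklist=BLOCKLIST) -> list:
    """Return the list of policy violations; an empty list means accepted."""
    problems = []
    pw = normalize(password)
    user = normalize(username)

    if len(pw) < MIN_LENGTH:
        problems.append(f"password must be at least {MIN_LENGTH} characters")
    if len(pw) > MAX_LENGTH:
        problems.append(f"password must be at most {MAX_LENGTH} characters")
    # Username equality, case-insensitive (casefold handles more cases than lower()).
    if pw.casefold() == user.casefold():
        problems.append("password must not equal the username")
    # Blocklist membership, also case-insensitive, so "Password" is caught too.
    if pw.casefold() in blocklist:
        problems.append("password is on the list of disallowed passwords")
    return problems


def handle_registration(username: str, password: str, client_validated: bool) -> dict:
    """Simulated server endpoint.

    client_validated is untrusted input from the client and is ignored on
    purpose: the server always re-runs the policy regardless of its value.
    """
    problems = validate_password(username, password)
    if problems:
        return {"status": "rejected", "reasons": problems}
    return {"status": "accepted", "reasons": []}


if __name__ == "__main__":
    # A client that claims it already validated still gets the server's verdict.
    print(handle_registration("eve", "Password", client_validated=True))
    print(handle_registration("bob", "correct horse battery staple", client_validated=False))
```

The same `validate_password` function can be shipped to the client for early feedback, but only the server's call decides; keeping one implementation avoids the two drifting apart and producing the contradictory "too long" or "wrong special character" errors the thread complains about.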