[koheripbal]

That would not have protected 23andme from this issue. Password complexity does not stop password reuse.

[nroets]

I'm only suggesting password complexity as a compromise so that websites wouldn't need to implement OAuth. (Do you have a better comprise ?)

Password complexity encourages the use of password managers. They in turn remove the need to reuse passwords.