Am I the only one that is bothered by using the world 'hacked' for something as low level as 'guessing your password'?
If somebody logs in to your account, that's not a hack. You can call it hijack or whatever, but nothing was broken which is how I define a 'hack'.
As for the topic, I agree that password changes should be not only forced, but forced to a secure standard (like using at least 8 characters that include small and capital letters, numbers and symbols). Also, I haven't used the programs that help you generate and enter secure passwords, but if they do work, they should be aggressively pushed.