Remember that Twitter is a tool for freedom fighters to overthrow governments.

As is cash.

the sarcasm is strong with this one ; )

It's probably cheaper for them to roll back relatively scarce fraudulent transactions than deal with illiterate users who clog their support with requests about password not working. There are not that many fraudsters out there but a real lot of dull people.

Disturbingly some of my most frustratingly, restrictively simple password requirements for account registration have been banks and credit cards. If I recall, at one point American Express required I choose a password 4-6 alphanumerics.

I can say that every bank and credit card site I've used have vastly, vastly improved their security model in the past 5-7 years or so.

American banks perhaps... in Europe, UK, and in Oceania/Asia they've been using 2 factor auth, one time pads, and such for a while. Even quantum encryption.