How are they used?
Sites which implement a complex password policy are usually acting too self important, and irritating their users...
If you guess my password for wickes or whatever online retailer then so what? You can see my previous orders, you can't even place a new order. Why would i go to the effort of using a strong password for such a site?
Plus you have no idea how such a site stores your password, it might not be stored securely and could easily be leaked.
I always used to use a stupid and easily remembered (but probably not easy to guess) password for such sites where i didn't really care, only now that some have password policies i can no longer use it everywhere and now i have different ones which i continuously forget.