Abolish crap passwords?
Abolishing crap passwords won't help when the source of the passwords is a breach from another location... Doesn't matter how strong a password is if it's getting leaked from somewhere that doesnt store it securely.
Blocking based on IP is also pointless due to the excessive use of NAT these days, blocking a single address often results in millions of innocent users being blocked simply because they use the same provider as a single compromised user.
Also most of these "attacks" are not actually perpetrated by anyone even remotely related to the source address. Attacks frequently come from chinese addresses because china is full of cracked software which never receives updates (updating often overwrites the cracked binaries), so their machines are easy targets. The same is true of many other countries, but china just has a greater volume of users.