That point about rainbow tables seems to ignore how modern hashing works. We use salted hashes (bcrypt, Argon2) specifically to render rainbow tables ineffective. Since the salt is unique per user, pre-computing tables isn't feasible, so a strong password absolutely still matters against brute-forcing the specific hash.