Mark Burnett has compiled a list of the 10,000 passwords that are used in over 90% of cases. These include 'password', '123456', '12345678', '1234', 'qwerty', '12345' and even 'letmein'.
When it comes to hacking you would start by working through the range of permutations of characters (upper and lowercase letters, numbers and other characters, if allowed). Each time you fail, you try the next one. Depending upon how fast you do it and how many times you need to try it will be a long or short process.
To see the maths in more detail take a look HERE for an excellent online resource that discusses this in more technical terms.
So in principle a longer password will be better than a shorter one. However, the existence of this list, and ones like it, mean that the first stage for a hacking attack is to try passwords on the list - a much shorter process than going through every permutation.
Unfortunately, many password testers are simply checking for password length and complexity - they don't take into account the likelihood that the password is a common password. You might think 12qwaszx is a reasonable password and in fact many strength testers would call it at least medium, but it occurs on the list of 90%+ of the most common passwords in use and so could be very easy to crack.
That is why you need to consider your password using our password assessor - you may be surprised at what you find.