if putting a sticky note on your monitor gets you to use
a materially better password, reducing the problem to
physical security can improve matters, but it's not
a guarantee.
i'm typing this listening to a day-long meeting on
security, access management, etc, etc.
it's hard - actually it's fundamentally impossible
from an epistomological standpoint.
-mo