Some organizations change their passwords regularly. This makes it
> hard for people to keep remembering them and IMHO actually makes
> things worse by encouraging written passwords.
In fact, the folks who do the Sarbanes-Oxley auditing seem to interpret the rules to mean that everyone absolutely must change passwords with fanatical frequency, thus insuring that every workstation in every corporate environment in the United States will have the password stuck to it with an easy to spot yellow sticky note :-).