Now if we can just figure out how to prevent them from keeping the password written on a sticky note.
This is exactly why we need two-factor authentication for the encryption to be secure. If the password is too complex/long, it will be written down. If it's too easy/short, the password can be brute forced.
And they WILL write the password down.
1 1 was a race-horse, 2 2 was 1 2. When 1 1 1 1 race, 2 2 1 1 2.