Now if we can just figure out how to prevent them from keeping the password written on a sticky note.
This is exactly why we need two-factor authentication for the encryption to be secure. If the password is too complex/long, it will be written down. If it's too easy/short, the password can be brute forced.
And they WILL write the password down.
"It ain't so much the things we don't know that get us in trouble. It's the things we know that ain't so." -- Artemus Ward aka Charles Farrar Brown