In my not too recent past, I was **shudder** sysadmin for a corp with 9 HP
Risc boxes and 1 HP Classic - and I was responsible for account security,
amongst other things. My knee-jerk response to "I forgot my password" was to
change it to something totally intelligible - like "a&5c0sb", for instance,
based on how hard it was to type (we had somewhere in the neighborhood of 1000
users). After the 3rd change within a certain period of time (usually less
than a month) it was changed to ID10T - most users didnt get it.

The best horror story that I have is the one thorn in my side that forgot it
no matter what - I changed it to his first name. Sure enough, he called "Uh, I
forgot it again - what is it?" I asked him what his name was, and he said
"Frank" I said, "ok then you didnt forget it after all" and said goodbye. He
never forgot it again. <grin>

Lisa Leidig
System Administrator
Christopher Newport University