The company I work for has had the great idea to enforce a 30 day password change. That dose not sounds so bad but it is a change that includes a 14 character password with the user has to have one special character and two letters and one number. Well the people on my network have problems logging in to the network as it is.
With this policy it will guarantee that the users will keep passwords in a place where they can find them.
