I understand why passwords need to be difficult to figure out.  I also understand that making passwords complex makes them more difficult to figure out programmatically.  The dilemma I have with complex passwords (and non-complex passwords that have to be changed every month or so), is that the minute you (and everyone else who wants their site passwords to be secure) start requiring these type of passwords, users have no choice but to write them down somewhere.

So I thought this article was very helpful given the premise that passwords need to be complex.  I would, however, like to see an article that addresses how to keep passwords secure when they're kept in a folder, or an Excel spreadsheet, or an Outlook folder called 'my passwords'.