Re: Too Many bad Movies
I'm required to change a password every month, for a service that only allows limited length passwords (10 characters, I think, is the maximum), and has other (undocumented, naturally) limitations about what characters you can use.
When they first issue a new user with their first password, it's by default set to "day+date", e.g. "Friday06".
No prizes for guessing how I choose my new password each month. And I'm prepared to bet, 90% of users of this particular service do the same thing.
Security? Don't make me laugh.