One word passwords
I agree with the advice of not making people change the complicated password every month or quarter. The will never be able to remember which is the actual one.
However simple one word passwords are too easy to break. Long ago I used a large library of words to test passwords in the company. I broke about 1/3 of them within an hour. I still remember one of them. I'll tell you why.
The afternoon after this exercise I traveled with some guys from the company to a conference. I told them what I did and one of then, a Russian answered that his password is unbreakable because it is a Russian word written in Latin characters. I simply said "korova" (I still remember it means a cow) and he instantaneously went white. I still don't know what he kept on his account but he absolutely freaked out.
I heard not long ago the sad news that the guy passed away back in Russia. Whatever files he had, he was a friend.