Now if we can just figure out how to prevent them from keeping the password written on a sticky note.
This is exactly why we need two-factor authentication for the encryption to be secure. If the password is too complex/long, it will be written down. If it's too easy/short, the password can be brute forced.
And they WILL write the password down.
After the last of 16 mounting screws has been removed from an access cover, it will be discovered that the wrong access cover has been removed.