In reply to ByEek:
But I disagree with this:
> Something that is a complete waste of effort.
What IS a complete waste of effort is the remedial actions taken when passwords are compromised, or auditors identify failures to comply with security processes, start to ask more questions about "how do you change your password, or reset it if you've forgotten it", or discover spreadsheets containing passwords in clear text.
The aftermath of the above can often be more time consuming and expensive to resolve than the deployment of a simple process (led by a help desk/superusers, SMEs... whatever it needs to be) to assist with password changes, even in a small company.
> People have to write down their works passwords somewhere (I have 13 work related passwords) so better use something that is secure than delegate such a responsibility to the user who will no doubt use a non-secure spreadsheet or worse.
Delegation isn't needed when you know you can either reset your own password securely or have it changed by the helpdesk (or others, as above). If people think they need to write down their passwords, then their infrastructure is not supporting them.