Yeah, the password thing is what aggravates me the most.
AD password: change every 90 days, can't reuse any of the last 10 passwords, at least 1 number, at least one special character.
Application 1: change every 90 days, can't reuse any of the last 6 passwords, must be exactly 8 characters, at least 1 number.
Application 2: password issued to me by IT, never expires
And it's true, the rules that make you change the password every 90 days only INCREASES the chance of a problem because everyone writes them down.
If I could choose a password for everything which never had to be changed, I'd agree to use a password that met even the most stringent criteria. At least that way I could memorize it and not need to write it down.