Words cannot express how much I agree with this advice for non-technical people. My users love it because its easy. (Really. They send letters.)
I love it because failed logins are minimal and requests to reset password even smaller. (Incidentally, rather than "reset password", I give people auto-login links which are guaranteed to be usable for at least one day, and then pop up a message on login telling them how to change their password. This eliminates any needless copy/pasting and supports my ~10 users who prefer to ALWAYS log in via the forgotten password feature. Hey, two of them paid money, I'm not about to complain.)
I love it because failed logins are minimal and requests to reset password even smaller. (Incidentally, rather than "reset password", I give people auto-login links which are guaranteed to be usable for at least one day, and then pop up a message on login telling them how to change their password. This eliminates any needless copy/pasting and supports my ~10 users who prefer to ALWAYS log in via the forgotten password feature. Hey, two of them paid money, I'm not about to complain.)