Norman describes how most adults can put together a Lego toy motorcycle without any instructions simply because the constraints of what fits limit the choices [Norman, 1988]. We probably cannot constrain users so that they won't be able to write down passwords, but it is often possible to make secure choices the default choices for a system; thus, users who do nothing (taking the easiest path) will still have secure systems.