I came here to comment basically this. Except I did it last year and accidentally broke that system. Was trying to do the working directory and mistyped and did the root dir.

For those that don’t know, so many elevated permissions commands fail if permissions are too open. And even ssh breaks because your certs and authorized_keys need to be only readable by you.

I luckily was able to wipe and just restore an older image backup.

My last job got around the “make people gravitate towards the simplest passwords” issue by giving you a list of 10 randomly generated strings you could pick. ( you could refresh the list a few times though)

So what happened anyways, like the person you are replying to said, is we had passwords written everywhere. One guy kept a sticky not on the back of his badge (which got turned around alot so he would walk around with his password showing), another kept it on a sticky under his keyboard, and just in general we would find passwords written everywhere.