User account administration is one of the hardest areas to do well. Recently, Microsoft published an article stating that 40% of all user support calls were because of password issues. How do you implement a strong password policy given the dilema of forgotten passwords? How would you address these issues? (2-3 paragraphs)