A tiny bit of background is required for this exchange. I support a client-server application that doesn't hide the length of the users' passwords from the administrator. Users are given 5-character default passwords. This user has called to complain that he can no longer login.
User: [Rambling diatribe about how computers are hard to use]
Me: [Ignoring diatribe while counting asterisks. 4... 5... 6... what the fu...]
User: And Bill Gates is just plain evil!
Me: Sir, have you changed your password?
User: Uh... yeah, I think so.
Me: Have you tried the new password?
User: No. [pause] Do you think that would work?