To be precise, anything relying on "educate the user so that they know better" is doomed to be insecure. It is likely to be successful in the sense of becoming popular because it offers humans someone else to blame.
For example, if I am in IT and I tell people to choose a 512 character password with alphanumeric characters that changes every day and doesn't repeat any sequence that appeared in a previous password or contain a dictionary word, I can expect people to write their passwords down on paper and get hacked, even if I tell them not to write it down.
But I can always blame them for writing them down, few people will blame me for being too lazy to find another way to secure the system.
1. Choose a memorable (read: simple, dictionary, insecure) password
2. Choose a good password and write it down
If Joe the Cubedweller writes his login password down on a sticky note, the only other people who are expected to have physical access to that note are him and the other cubedwellers, and they're going to have little to gain from seeing it. I would be much more concerned with Joe picking a bad password that could be guessed by an attacker on the outside.
Memorable passwords don't need to be simple, dictionary, or insecure.
MySonPlaysLittleLeague is a password that someone can easily remember, but few people get pointed in the direction of good sentence passwords, and most password policies indirectly limit the use of sentence passwords with character limits or number and punctuation requirements.
My favourite technique isn't to make the sentence itself the password, but the first letter of each word (with some punctuation thrown in for good measure). E.g. pick a line or two from a song, like "All the fear has left me now / I'm not frightened anymore" and that becomes "atfhlmn-infa" (if it's something that insists on digits too then you can easily do a substitution like "atfhlmn-1nfa"). Memorable without being insecure.
However, this is prone to being truncated by sites / software that only allows or uses the first 8 characters...
Another method that I have used in the past is leet-speak (oh look at me, aren't I cool - cough, cough), so I just used my name and converted it: Haitsma became H41t5m4, very similar to a random string, yet very memorable (depending on your interpretation of leet-speak, of course)
If the system in question permits it (unix accounts do, at least) including spaces in passwords--making it technically a pass phrase--is another nice trick.
I would be much more concerned with Joe picking a bad password that could be guessed by an attacker on the outside.
This argument presents a false dichotomy, as the issue is not how strong to make passwords, but whether there are other security mechanisms that could be used in conjunction with passwords or instead of passwords.
My point is that a password places all the blame on Joe instead of on IT, so IT prefers passwords :-)
For example, if I am in IT and I tell people to choose a 512 character password with alphanumeric characters that changes every day and doesn't repeat any sequence that appeared in a previous password or contain a dictionary word, I can expect people to write their passwords down on paper and get hacked, even if I tell them not to write it down.
But I can always blame them for writing them down, few people will blame me for being too lazy to find another way to secure the system.