I found a fix (with thanks to Mr. Google) but I'm sure there is probably a better one. Right now this will do, since it appears to work, but I'll try and find an alternative.
In /etc/security/console.apps there is a config file for the programs mentioned (and others). Set each one to something like (for example):
Of course having better passswords would help...