>>I'd take Ed Rauh at his word. Password? No way.
>
>Hey, George - me also. Unless the password is stored on the local machine, I'm quite sure Ed is right when network security is done well, with lockdown, etc.
>
>However, there is something possible when security is low or non-existent (such as home users), I have heard about it and am fairly sure it's true. It's possible for hacker to plant a keyboard-capture program that transmits keypresses to the hacker, and thereby a password can be learned - but this only works in low-security situations, and I've only heard of it occurring on XP Home machines that have very little security. It's fairly sophisticated and classified as a virus, and I believe all the (updated) AV apps know how to check for it. Not sure what the name is. But I also use ZoneAlarm Pro at home, just for such problems as that.

On a domain, NT uses a 128 bit encryption algorithm to store the password. Keyboard capture? Yeah, that would undo it. The key (no pun intended) is to know what should be running when the computer starts up, and to check (via the Task Manager) frequently to make sure that's all that's running.