I would wait until an administrator has logged off of the machine, and just grab the cached logon.


Many administrators do not take steps to prevent this.