Quote Originally Posted by e><ius
reformating was directed towards the public computers which are set to re-imaging daily. i could tell by looking in the "C:\Documents and Settings\". i guess it may not be that important, 'cept knowing who was on that day.

anyway, i guess i already knew about cache cracking with admin/system level via cachedump/cain/johntheripper. can this be done with limited access? running .exe will be prohibited.
Uhm, what the hell kind of environment are you discussing, where systems get reformatted every night? That is not exactly SOP for many organizations. I can see several situations where it may be exactly the sort of security measure needed, but this is by no means default, and you really should fill us in on more detail before we can try to answer your query.