recently while doing a security audit on my tafe (with full authorisation) i came accross 3 admin accounts that i managed to crack in under 1 second without resorting to a brute force attack. now this wouldnt be so bad if you could blame it on ignorance, however there is a 1 page document given to all students wishing to logon to a tafe computer specifically stating that all passwords should be at least 6 chars long, dont use dictionary words, etc. id like to say i cant believe this but sadly i can. thats all i have to rant about if anyone has any similar stories please post them here cos im interested.