General Password questions

[Rudy Schockaert]

>>I think the NT/W2K model allows for encryption based on keys that
>>only the specific user can use (i.e. you have to actually be logged
>>in as that user; I'm not sure if the adminstrator can fake it).

This is the BIG security hole in NT/W2K. As an admininstrator you have 
several ways to start a new process running in the security context of 
someone else.

There are some approvements in W2K3 though. Still didn't find a way to 
let Administrator impersonate as someone else.