Sometimes it is really easy to figure out a user’s password. Just check out that picture to the right. Other times the password is less obvious but could come from a list of passwords you already know. For example, if your helpdesk always resets passwords to the same few values, many users could be using one of those default passwords. Here is a simple process for those who would like to audit your directory for such accounts.
Document: Homegrown Dictionary/Rainbow Table Password Discovery
Scripts: Homegrown Dictionary/Rainbow Table Password Discovery