Bruce Schneier wrote an article in Wired magazine called "Secure Passwords Keep You Safer." He concludes his article with the following paragraph, which is so true and exactly to my point:
For years, I have said that the easiest way to break a cryptographic product is almost never by breaking the algorithm, that almost invariably there is a programming error that allows you to bypass the mathematics and break the product. A similar thing is going on here. The easiest way to guess a password isn't to guess it at all, but to exploit the inherent insecurity in the underlying operating system.