Recovering Cached Credentials

In Windows Domain Cached Credentials are a local hash of your password, which allows you to log into the computer in case the domain controller isn’t available.
CacheDump is a tool that allows you to easily extract that cache, for offline password cracking. You could use John the Ripper (with a plugin) or PasswordsPro ($$ for full features).
CacheDump pulled my own credentials and another set of credentials. While I haven’t tested further than sounds like anyone with local admin rights would be able to export the cached credentials of anyone who had logged into that computer. So say a support person’s account is local admin on all desktops, and they do support work at a user’s computer. That user could export the hash and attempt to crack the password.
Of course a strong password helps.