1. A temporary copy of the password. Internal to the computer, password information is constantly being checked. If you were queried for the password each and every time, you would find that computer would become unusable. Therefore, the computer attempts to "cache" the password so that internal prompts during the same session do not cause external prompts to the user. Key point: All systems cache passwords in memory during a login session. Therefore, if a hacker can gain access to all memory on the system, he/she can likely sift the memory for passwords. Likewise, hackers can frequently sift pagefiles for passwords. Key point: Many programs whose goal is ease-of-use will ask the user if they want to save the password on disk (in a file or registry. For example, the MS Outlook e-mail client has this feature to cache the POP3 passwords. Therefore, hackers have programs that will sift the filesystem or registry or these passwords. Some systems will store these cached passwords in clear-text, others attempt to encrypt the passwords, but usually this encryption mechanism ca be defeated. From Hacking-Lexicon