I spent that last 2 days that the Institute for applied network security forum in Tysons Corner VA. If you are into computer security check out their web site The conference is more about meeting and discussing issues with your peers than attending lectures. It was very refreshing. I also gave a 15-20 min presentation on vulnerability management.
One of the items that came up was how to aduit password strength in Active Directory. Someone mentioned Lofphtcrack, but according to this Symantec recently killed it off.