Iwas Bornready (10/21/2015)
Funny. I actually thought you had something there.
Are you referring to the brute force dictionary query against sys logins table to get passwords? Yes, it works. There are plenty of occasions where non-DBA users are members of sysadmin role or who have "VIEW DEFINITION" privilege, allowing them to run such a T-SQL script. Even if the privileges are later revoked, they still have the DBA's sql login password.
"Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho