Anyway, the password scheme is: [first letter of first name][first letter of last name] then the last 4 digits of your SSN. Since you know the first and last name's letters, all you have to do is dictionary-attack 10,000 times and you're done.
20 lines of perl and a half hour later (I'm a sucky coder) 84% of the [non-disabled] passwords cracked. A simple Crack 5.0 dictionary run gave me another 11 %. Yup, 95% of the passwords total, including somebody in Wheel, and 2 professors. That doesn't even count the weakness in my program: I couldn't figure out how to munge my counter to display 0000-9999 so it starts at 1000. There's probably another few % that I could have cracked. I didn't even use a fast unix box to do the work, it was a doorstop SS5/170 (obsd 3.1) that did it all in 10 seconds.
No, I didn't abuse it! I'd mail the admins at the College, but I have heard too many horror stories of people doing the Right Thing and then being snooped on, mail read, various invasions of privacy, or worse, getting tossed out. So, I'll just keep my work offsite and wait for some bozo to destroy them and they learn the hard way.