During penetration testing, a significant amount of attention is (or should be) devoted to attacking the authentication process. In my experience testing networks and web applications I have noticed that it is common to be able to enumerate a system and obtain a list of users, which can then be used to launch password attacks and if successful can be used to gain access to a system. If the system happens to be a Windows network, then enumeration is easier and exploitation can be expanded by attacking flaws that exist within Active Directory/Kerberos and are not likely to be fixed.