In the old Windows for Workgroups days the admincfg.exe
utility was used to disable password caching and a similar functionality exists in Windows 95 and Windows 98.
Start the registry editor (regedit.exe)
Move to HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Network
From the Edit menu menu select New - DWORD Value
Enter a name of DisablePwdCaching and press Enter
Double click on the new value and set to 1. Click OK
Close the registry editor and reboot the machine
Upon reboot clients will no longer have to enter a local password, just the domain.
When clients use the Password control panel applet the "Change
Windows Password" button under "Windows password" will be
grayed out and only "Other passwords can be set". Clients would
then select "Microsoft Networking" as per normal
If the above options do not provide enough security for you, download Access manager for Windows.
Access manager provides much more security than standard ways in Windows.
More articles about Security