How can one detect that users have cracked a password?

 To detect this, you would either have to review the security logs regularly or use a network sniffer to monitor users accessing shares in real time. A combination of the two would be the most prudent. Security logging can be switched on from the event viewer.
A network sniffer can be used to log IP's & Users accessing particular servers or shares. In real time an administrator would be able to see which users are accessing which shares. An example of such a sniffer is LANguard: or Sessionwall:

Security Administrator More info

     If the above options do not provide enough security for you, download Access manager for Windows.

Access manager provides much more security than standard ways in Windows.

More info

More articles about Security