Keyloggers absolutely won't work unless they're running while somebody changes the password.
What about a harware keylogger? They make plenty of modules now that plu into the back of a computer where the keyboard plugs in. It captures EVERY keystroke.
here is one I snaged from a google search. http://www.keyghost.com/
you can find out how it works here http://www.keyghost.com/installation.htm#demo
I would think this would work. Until Longhorn comes out and all data travles encrypted, but if you snag the keys right before it hits the CPU I do not think there is any protection there right now.