If the cached username in the client XP box has a different password to the identically named cached username in the host XP box, the negotiation will silently fail (i.e. without prompting).

You should always (in a workgroup scenario) prefix your username with the name of the computer giving access:

e.g. in a situation with BoxA and BoxB, where:
- BoxA wants to access the share "fredshare" on BoxB, and
- BoxB has the share "fredshare" protected by username "fred"
...then when you attempt to browse the BoxB share with command \\boxb\fredshare you will need to enter your requested username as "BoxB\fred" rather than just "fred" (as a 'non-qualified' username will always inherit the prefix of the user's workgroup-based computer).

You should also ensure that the share and filesystem permissions are set properly. The share permissions should be set as unrestrictedly as possible, and access should be subsequently given based upon filesystem permissions instead (unless of course you're using FAT which doesn't have an underlying filesystem permission attribute).

e.g. - on the aforementioned article, the "fredshare" share should (probably) have share permissions of "everyone - full control", and then the NTFS permissions underneath it should therefore control the access of users (including, but not limited to "fred").

Obviously, all bets are off if you're using any sort of firewall and/or anything aggregating browsing information as you don't have any/enough control over those mechanisms to have a reliable structure.

Hope that helps.
Mike.