[WA]

I'm not entirely sure which algorithm is used in WinXP for password hashing, but it might still be an LM hash, which has some security flaws. All lower-case characters are converted into upper case characters and the 14-byte password (cannot be longer) is divided into two 7-byte passwords, which can be cracked alone (sort of).

So, 300 billion passwords per second is still a very impressive load, but the keyspace for WinXP passwords is somewhat limited, which would also explain why 80 GB of rainbow tables are sufficient.

But correct me if I'm wrong.

[StavrosK]

Microsoft developed NTLM because LM sucked and made it the default in Windows XP. However, for backwards compatibility, it also hashed the passwords to LM, so, well, you can crack them just as easily.

From Vista onwards, I think, LM is no longer used.