Hacker News
by madao 4934 days ago
I remember back when I was doing a network engineering course, the guys could crack a Windows password in minutes offline; it was a simple matter of grabbing the database from the machine. I think once you have the machine offline, unless you encrypt the data, you're pretty screwed regardless.

When was this? I know older Windows versions stored passwords in plain text... I can't remember when they switched to hashed passwords, but I think it was around XP or Vista.
Windows never stored system passwords in plain text.

It did use the LM hash function to store passwords, which was rather weak, making rainbow table attacks easy.

http://en.wikipedia.org/wiki/LM_hash

For backwards compatibility, this hash function was commonly in use up to Windows 7 (it was disabled by default in Vista though). There are decent workarounds since NT.

NTLMv1 is also rather easy to crack. NTLMv2 is better but took a long time to be in wide use. Kerberos is strong too and can be used

Long story short, Windows OSes prior to Vista maintain weaker hash support for backwards compatibility by default (although you can work around it since NT 4, almost nobody did this). Windows Vista still has support for them if you want to turn it on, but by default it's off. From Windows 7 there is no support for weak system hashes. For Active Directories, MIT's Kerberos (used typically in Unix networked environments since the 80s) replaced NTLM from Windows 2000 on.

You might be thinking of a very old version of Windows, like 3.1 vintage.

3.1 didn't really have passwords to access the system; it did, however, have screensaver passwords, which were either plain text or a very weak hash.

They could also be disabled by simply deleting the line from a .ini file, which was bad considering it didn't have the concept of users who could only access certain files.