Don't lose it!

posted Feb 10, 2013, 10:47 AM by Rolfe James   [ updated Feb 10, 2013, 10:53 AM ]

Getting past Administrator passwords on a Windows PC is not difficult (worryingly). Windows domain passwords can be cracked in a reasonable time if the password is not too long. So how do you protect yourself? Well, first you use a well-known secure algorithm, say AES 256. Then you ensure you use a complex password (upper and lower case letters, numbers and special characters like *@"#). Finally, as they say, size matters!

The longer the password, the more time it takes to crack it. For example, if your password is composed of upper and lowercase letters (52), numbers (10) and special characters (say 34), the character set of the password is 52+10+34 = 96. If a six character long password using this character set could be found in 1 day, a twelve character long password would take 96x96x96x96x96x96 days (782757789696 days, or more than two billion years).
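The same arithmetic, generalised as an added example (not part of the original post): it keeps the post's calibration of one day for the full six-character, 96-symbol space and works out how long a password from a smaller character set must be to match the twelve-character figure. The function names and the rule that any non-alphanumeric character counts as one of the 34 specials are assumptions made for this sketch.

```python
import string
from fractions import Fraction

# Class sizes from the post: 52 letters (26 + 26), 10 digits, "say 34" specials.
LOWER, UPPER, DIGITS, SPECIAL = 26, 26, 10, 34
# Calibration from the post: the whole 6-character, 96-symbol space takes 1 day.
GUESSES_PER_DAY = 96 ** 6


def charset_size(password: str) -> int:
    """Size of the class-based alphabet an attacker must cover for this password."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += LOWER
    if any(c in string.ascii_uppercase for c in password):
        size += UPPER
    if any(c in string.digits for c in password):
        size += DIGITS
    # Assumption: anything that is not an ASCII letter or digit is a "special".
    if any(c not in string.ascii_letters + string.digits for c in password):
        size += SPECIAL
    return size


def days_to_exhaust(charset: int, length: int) -> Fraction:
    """Worst-case days to try every password of exactly this length."""
    return Fraction(charset ** length, GUESSES_PER_DAY)


def min_length(charset: int, target_days: int) -> int:
    """Shortest length whose exhaustive search takes at least target_days."""
    length = 1
    while days_to_exhaust(charset, length) < target_days:
        length += 1
    return length


if __name__ == "__main__":
    target = days_to_exhaust(96, 12)  # the post's twelve-character figure
    print(f"96 symbols, 12 chars: {int(target)} days")
    for name, size in [("lowercase only", 26), ("letters + digits", 62),
                       ("full set", 96)]:
        print(f"{name:17} ({size:2} symbols): {min_length(size, target)} chars")
    for pw in ["correcthorse", "Tr0ub4dor&3"]:  # constructed sample passwords
        days = days_to_exhaust(charset_size(pw), len(pw))
        print(f"{pw!r}: alphabet {charset_size(pw)}, {float(days):.3g} days")
```

These are exhaustive-search figures only; a password that appears in a wordlist falls far sooner than its length and character set suggest.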

A good algorithm, a large character set and LONG passwords are clearly the answer. But what do you do when you forget your password? Have a look at this blog by Jeremiah Grossman, Chief Technology Officer of WhiteHat Security.