Here is the claim of the latest version of lophtcrack LC3 and it's claims:Security experts from industry, government, and academia cite weak passwords as one of the most critical internet security threats. But while many administrators recognize the danger of passwords based on family or pet names, fewer recognize that even savvy users expose networks to risk due to inadequate passwords. Consider that at one of the largest technology companies, where policy required that passwords exceed 8 characters, mix cases, and include numbers or symbols...

L0phtCrack obtained 18% of the passwords in 10 minutes
90% of the passwords were recovered within 48 hours on a Pentium II/300
The Administrator and most Domain Admin passwords were cracked


Details are here:http://www.l0pht.com/research/lc3/index.html