I didn't calculate this one.

I did it the 'empirical way'

I made a setup with some NT4.0 box to test this (passwd = 8 char upper / lower case / numbers / symbols)

I took the SAM file with another machine on the same network and runned L0pht, the new version gives you the possibility to split the hash into more parts so you can distribute the parts to other machines running l0pht. L0pht then gives on each box an estimated time to crack the passw. I made the sum of the estimations on each box and so I got the result that I posted here.

And yes your (larryjs) method of reseting the passwd is some powerfull issue but only when you have physical access to the box. If you are working from distance this wouldn't be an easy method.