I've been doing some password strength auditing and one possible security hole that occured to me was user credentials stored by services. I know that NTLM hashes are weak and easily cracked by rainbow tables, etc. but how are the passwords stored in the registry by a service.
For example it's common for people to use an administrator account for Log On accross the network where Local System Account won't do. I know these passwords are stored in an encrypted part of the registry, but what type of encryption is used? Are they as vulnerable as NTLM hashes?