Also if you want realistic scenarios only, I guess this bet is off because it assumes that Linux is being used as a desktop throughout the enterprise..an even more unrealistic possibility.
I see you continue to fail to admit it, preferring to go off on tangents. I guess it doesn't matter, because what you think has no bearing on the fact that Windows passwords are cryptographically relatively weak because Microsoft decided not to do what the computer industry had known was a good thing for over two decades -- salting hashes. Salts make a weak password stronger, and make a strong password too impractical to break with current technology.