> 10-character apha-numeric password is crackable in a matter of days: http://whitepixel.zorinaq.com/

I think the assumption here is that the password isn't an MD5 hash, but instead something a little more resilient. If it's MD5, you're probably screwed anyway.