It looks like OS X passwords are still more secure than Windows passwords, even with an 8-character limit. I was not really able to get Keychain to accept a truncated password. When I was testing the password lengths, I set an 8-character one, was immediately prompted by iChat to enter a password into Keychain, and forgot that I had already changed it from a 9-character one. If OS 10.3 fixes the character limit, the passwords will be even more secure than they are now.
http://news.com.com/2100-1009_3-5053063.html?tag=fd_top
{
Microsoft has used two encoding schemes, also known as hashing functions, to encrypt passwords. The first, known as LANManager or LANMan, was used by Windows 3.1, 95, 98, Me and early NT systems to secure passwords that were used to connect to early Windows networks.
The LANMan scheme has several weaknesses, including converting all characters to uppercase, splitting passwords into 7-byte chunks, and not using an additional random element known as "salt." While the more recent NTHash fixes the first two weaknesses, it still does not use a random number to make the hashes more unique.
The result: The same password encoded on two Windows machines will always be the same. That means that a password cracker can create a large lookup table and break passwords on any Windows computer. Unix, Linux and the Mac OS X, however, add a 12-bit salt to the calculation, making any brute force attempt to break the encryption take 4,096 times longer or require 4,096 times more memory.
}
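The salt and LANMan points from the quoted article, as an added example that is not part of the original post or the article. It assumes a truncated SHA-256 as a stand-in for the real LANMan, NTHash and crypt functions; all function names and sample passwords are constructed for illustration.

```python
import hashlib

CANDIDATES = ["letmein", "Password1", "hunter2", "qwerty"]  # constructed sample list

def toy_hash(data: bytes) -> str:
    # Assumption: truncated SHA-256 stands in for the real DES/MD4-based hashes.
    return hashlib.sha256(data).hexdigest()[:16]

def lanman_style(password: str) -> tuple:
    """Mimic the LANMan preprocessing: uppercase, pad to 14 bytes, hash 7-byte halves separately."""
    raw = password.upper().encode("ascii")[:14].ljust(14, b"\0")
    return toy_hash(raw[:7]), toy_hash(raw[7:])

def unsalted(password: str) -> str:
    """No salt: the same password gives the same hash on every machine."""
    return toy_hash(password.encode())

def salted(password: str, salt: int) -> str:
    """12-bit salt mixed into the hash and stored in front of it."""
    if not 0 <= salt < 4096:
        raise ValueError("salt must fit in 12 bits")
    return f"{salt:03x}${toy_hash(salt.to_bytes(2, 'big') + password.encode())}"

def lookup_table(candidates, salts=(None,)):
    """Precompute hash -> password for every candidate under every salt."""
    table = {}
    for s in salts:
        for pw in candidates:
            table[unsalted(pw) if s is None else salted(pw, s)] = pw
    return table

if __name__ == "__main__":
    # One table covers every machine when there is no salt.
    print("unsalted entries:", len(lookup_table(CANDIDATES)))
    # With a 12-bit salt the same coverage needs 4,096 times the entries.
    print("salted entries:  ", len(lookup_table(CANDIDATES, range(4096))))
    # Case is discarded, so mixed-case variants collapse to one hash pair.
    print(lanman_style("Password1") == lanman_style("pASSWORD1"))
    # Any password of 7 characters or fewer has the same second half.
    print(lanman_style("qwerty")[1] == lanman_style("abc")[1])
```
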