your not breaking any passwords. you're deleting them. This action is synonymous with deleting a user in a NT OS. The pwl contains passwords such as outlook, websites, ftp's, and more
from
http://lastbit.com/vitas/pwl.asp
PWL file contains valuable information like dial-up and network passwords. This is an universal storage for sensitive information. Any program could use PWL files. However Microsoft does not provide technical specification for PWL files and API description (as far as I know), so usually only Microsoft programs use PWL files.
In other words PWL file is a secured database. Each record has three fields:
Resource type (0..255)
Resource name
Resource password
Both resource name and resource password may be binary. Moreover program may interpret these fields as it wants so 'resource name' may be not a name and 'resource password' may be not a password. There is exists a limit of 255 records per single PWL file. All records along with user name and checksum are encrypted with strong cipher algorithm RC4. Encryption key is derived from login password. Windows uses PWL files to verify login password. However login password is not stored in PWL file. Windows decrypts PWL file using specified password and then verify checksum. If checksum is correct then entered password assumed to be valid. So it is possible to get access to PWL file if only both login password and user name are known. If login password is unknown then a search is the only way to get access to PWL file's contents. User name must be known because it is involved into checksum verification. Usually PWL file name is the same as user name. However it is not necessary. PWL file name never exceeds 8 characters. Windows never overwrites PWL files. By default PWL files are located in the Windows directory. Since Windows never overwrites PWL files it's possible that resulting PWL file name will be mangled. For example, if robert.pwl file is already exists then new PWL file for user Robert will have rober000.pwl file name. Next file name is rober001.pwl and so forth.
Both user name and login password are case sensitive for PWL file, however high level Windows functions convert them to uppercase. Nevertheless there is an exception: dial-up network server use rna.pwl file to store connections passwords. User name is *Rna (case sensitive).
Each PWL file must be registered in system. There is [Password Lists] section in system.ini file. Each line in this section looks like this: USERNAME=FullPathToPwlFile
