In the late 1999+ you could sniff people’s passwords in clear text right out of the air on public WiFi networks. tcpdump port 110 and just watch them roll in.

In the late 90’s you could use a floppy disk to boot nt and dump the password hashes of anybody who had logged in, then run them through a dictionary attack which would take a matter of minutes before learning that your company’s top employees used their favorite football team or cartoon character as their password without even appending some numbers to it. Dude with the football password even had the password emblazoned in his office wall.

One time in the 90’s I got to a password prompt and just held enter, an eventually was just let past the password prompt.

In X windows if you managed to kill the screensaver password entry box you were dropped back to the desktop, and people found ways to crash the screensaver by overrunning the password input buffer by pasting input repeatedly using common keyboard shortcuts.