NetZero 3.0 and earlier uses weak encryption for storing a user's login information, which allows a local user to decrypt the password.