There are several different uses for having passwords on the various user accounts on your computer and depending on what use you make of the computer you may or may not need a password on all users. The one you should always use a password on is the admin account that you only use to install new software and perform other admin type tasks. Having a password on that account will allow you to use the "run as" command to run your software installs as the admin user without having to switch to that user login to do the install and without having to compromise the security of your every day account. Since the "run as" command will request the admin password before allowing the install to run it still prevents rogue processes from installing viruses and trojans without your knowledge.
One problem with having a password on a user account is that if you don't use that account for a while you may forget what the password is.
There are two solutions to this.
The first solution is something you can do in advance to ensure that even if you do forget the password that you can always reset it. This involves your creating a password reset disk from the account prior to your forgetting the password that you need to access it. Tim Fischer at About.com provides instructions on how to do this both for Vista and Windows XP. Of course you can always achieve the same result by just writing the password down although that will not help if you ever change the password and forget to update the written copy while the reset disk will still work even if you did change the password.
You are probably reading this after having already forgotten the password and without having created a reset disk in advance. That means that you need the second solution which is to use software to break into your account. One of the best products to do this is Ophcrack and another is PC Login Now. Both of these products involve creating a CD that you can place in your CD drive before you boot your computer so that you actually boot from the CD. Ophcrack will then examine your C drive, locate all the logins on it and then launch an attack against all of the passwords to work out for you what they all are. PC Login Now takes the simpler approach of removing the passwords from all your accounts so that you can get in and reset the password to whatever you now want it to be.
As you can tell from this the security of passwords on a Windows computer isn't all that great. Anyone with access to the physical computer can use these techniques to break into any password protected accounts on the computer. Any information that you have on the computer that you do need to be secure against attacks such as this should therefore use additional layers of security to protect the information and should not just rely on Windows itself for its security.