Windows has always done idiotic things when it comes to password security. Whoever thought it was a good idea to split all passwords longer than 7 letters into multiple passwords of max 7 letters in the original LANMAN system deserves some sort of dunce cap award.
The windows password is more of a "Please don't use my area and ruin my browsing history" than an actual security option, I thought that was well known?
Full disk encryption is really the only way if you want to keep people out of your stuff!
