I had to reset a password on a Mac the other day and I went into it begrudgingly because I thought it would be a long affair.
The entire process took less than 2 minutes. And what surprised me the most was how insanely easy it was to bypass a Mac's login assuming you aren't giving the computer back (you know, like if you stole a computer or if somebody stole yours). The process to reset a Mac's password is so dumb easy by default that I'd be worried if I ever had my computer stolen without the hard drive being encrypted with File Vault (even if I had a username and password associated with the account).
So to prevent somebody from even being able to RESET the password, I found out that you have to set a firmware password on the Mac. Why this isn't the default is beyond me.