This is 50 minutes of time well spent if you are into security at all or, even more importantly, if you are a Windows systems / AD admin. The short version is that the NTLM hash is probably not much, if any, more secure than just plaintext.

DerbyCon 3 0 1301 Cracking Corporate Passwords Exploiting Password Policy Weaknesses Minga Rick Redm - YouTube