NSA has backdoor access to every password protection mechanism. No brute force needed.
That'd be bad security practice, on account that someone else could find the backdoor. Traditionally, the US gov just kept exported crypto down to something that was easily crackable, but I think that restrictions been lifted with the advent of public key cryptography.
I think people are right, AES-256 will never be cracked by any amount of computing power we as a society will produce for the near future. That said, the amount of password guesses needed to just log into his computer is probably far less than the amount of key guesses needed to break the crypto.