security - How safe is my Windows 8 Microsoft Account?

08
2013-11
  • Ian Boyd

    In earlier versions of Windows (Windows 2000, Windows XP, Windows Vista, Windows 7), my various secrets are protected with RSA encryption:

    • encryption file system
    • saved credentials
    • IE passwords

    And my RSA private key is encrypted with my user account's password. That means the only way someone can access my encrypted files is to know my Windows account password.

    And while my Windows account password is stored as an unsalted MD4 hash¹, and time has exposed the weakness in the idea of using MD4, or unsalted hashes, it's still as strong as it is. The only way you can break it is to actually:

    • already have my password in your rainbow tables
    • chew on my 21 character password for a few years

    Realistically the best anyone could do is break into my home and either install a keyboard wedge, or modify core OS files to instruct it to record password data.

    Windows 8

    Now we have Microsoft Accounts, where my account credentials are no longer "local", but are held by Microsoft in the cloud. While Windows 8 can cache my credentials locally (for the periods when I don't have an Internet connection), generally authentication happens remotely.

    How secure is my information now with this new system?

    What happens if a grand jury issues a warrant against Microsoft to get my password, in order to access my locally (EFS) encrypted data? What information does Microsoft have?

    Is it as insecure as a web login, where the web-site knows my password? Or is it more like Kerberos, where we have a "shared secret", and no actual password flows anywhere? Since Microsoft is not documenting their algorithm, nobody knows the algorithm.

    Does anybody know the algorithm?

  • Answers

    Related Question

    email - Can I use the Windows 8 mail app with Exchange without adding a Microsoft Account?
  • ahsteele

    I am using Windows 8 at work. Our Exchange server is configured to allow access from the Windows 8 mail app. Unfortunately, I cannot figure out how to use the mail app without first adding a Microsoft Account. Is it possible to utilize the Windows 8 mail app with a corporate Exchange server without first associating a Microsoft Account?


  • Related Answers
  • Zymotik

    Would this answer help? It's a question regarding mail in Windows 8 and linking it to Exchange. How to connect Windows 8 Mail, Calendar and People to Exchange Server?

  • pratnala

    Unfortunately no. AFAIK, using communication Metro Windows Store apps (like Mail, Calendar, People, Messaging) in Windows 8 requires you to use a Microsoft account.