MD5, unsalted. On commodity hardware you can compute those blazingly fast. A brute force attack, ignoring word lists, is totally possible.

That's ignoring all the resources that offer access to precomputed hashes (I don't want to call a list of MD5 hashes a rainbow table).

Easy or not, passwords saved with this scheme are unprotected.

Unsalted MD5s. http://www.codinghorror.com/blog/2012/04/speed-hashing.html