Ramblings & ephemera

Rainbow cracking is now a public service

From Robert Lemos’s Rainbow warriors crack password hashes (The Register: 10 November 2005):

Over the past two years, three security enthusiasts from the United States and Europe set a host of computers to the task of creating eleven enormous tables of data that can be used to look up common passwords. The tables – totaling 500GB – form the core data of a technique known as rainbow cracking, which uses vast dictionaries of data to let anyone reverse the process of creating hashes – the statistically unique codes that, among other duties, are used to obfuscate a user’s password. Last week, the trio went public with their service. Called RainbowCrack Online, the site allows anyone to pay a subscription fee and submit password hashes for cracking.

“Usually people think that a complex, but short, password is very secure, something like $FT%_3^,” said Travis, one of the founders of RainbowCrack Online, who asked that his last name not be used. “However, you will find that our tables handle that password quite easily.”

Comments are closed.