Protect your password from Rainbow Tables

Rainbow tables are a way to break md5 hashes. Rainbow tables reduce the difficulty of brute force cracking a single password by creating a large pre-generated data set of hashes for nearly every possible password.

The main benefit of Rainbow Tables is that while the actual creation of the rainbow tables takes much more time than cracking a single hash, after they are generated you can use the tables over and over again. Additionally, once you have generated the Rainbow Tables, RainbowCrack is faster than brute force attacks and needs less memory than full dictionary attacks.

Rainbow tables can break any 6 length password in less than a second. It might not be able to break long and complex passwords.

So if a hacker get access to your database, he can easily extract your users password. And most users have a habit of keeping save password for all their internet activities. Its time to move to some secure hashing mechanism like "phpass password hashing method" also used in Drupal 7. You can use phpass to protect your Drupal 6 site. But after installing you won't be able to uninstall it easily. Since the md5 hash will be lost after this.

If you are end user and don't know what to do, try out some site to test whether your password is still strong against Rainbow attack, some of these sites are Md5crack and PassCracking.