It was announced last month by Objectif Sécurité that Ophcrack, the open source framework for breaking Windows password hashes, has passed 10 million downloads. Objectif Sécurité is a Swiss security consultancy founded by Philippe Oechslin, the inventor of rainbow tables. One of the products offered by Objectif Sécurité is a collection of larger and more specialized rainbow tables to extend the base table distributed with Ophcrack. The set of available table options is shown below
These are the professional tables and sell for $999, and see the site for the definition of the character sets covered. The basic tables included with the Ophcrack distribution are derived from a set of dictionary words. To celebrate the Ophcrack milestone, Oechslin has also given free on-line access to a large rainbow table representing the LAN Manager hashes of passwords made of 52 mixed case letters, 10 numbers and 33 special characters and up to length 14. He estimates that the time to crack most such Windows passwords is less than 6 seconds. This fast password recovery is approximately 100 times faster than previous methods and is supported by hosting 90GB tables on an SSD device. Memory usage is intense for rainbow tables as described here.
Oechslin has reported to Heise Security that for tougher, better selected passwords, the entire password space can be searched at a rate of 300 billion passwords per second. Please take a look at the password recovery speeds at LockDown.uk to understand what this innovation means. For example, passwords of length 8 consisting of only upper and lower case letters can be cracked in 2 days, and only 9 days if digits are present in the password.
Update March 21st
Matt Weir has made some excellent points in his comment below, and clarified several of the statements about the 300 billion password per second search rate. I corrected the link to Oechslin’s remarks reported in Heise Security, and though not stated explicitly it seems that this tremendously fast password search rate applies only to the now-obsolete LAN Manager hashing scheme. Please read Matt’s comment as an improvement/correction for the final text above. Thank you very much Matt.