Your IP: Unknown · Your Status: ProtectedUnprotectedUnknown
Rainbow table attack

Rainbow table attack

Rainbow table attack definition

Rainbow table attack is a method of cracking passwords using a rainbow table – a database containing plaintext passwords and hashes that correspond to them.

For security purposes, sites store hashed passwords rather than plaintext. When a user logs in, their plaintext password is translated into a hashed value and compared with the hashes stored by the service. If the hashes match – the user can access their account.

Hackers with access to services’ databases (e.g., from previous attacks) can use rainbow tables to compare hashed values with users’ stolen passwords and figure out their plaintext passwords.

Rainbow table attack advantages and disadvantages

To launch a rainbow table attack, the hacker must have:

  • The computed rainbow table
  • Access to the password database

While a rainbow table attack can be quick, preparations are not. Computing a rainbow table requires time and a lot of space to store hashes. Passwords are usually acquired in various attacks, such as phishing or breaking into corporate networks.

Protection against a rainbow table attack

The most common way to protect oneself against rainbow table attacks is to use salting.

Salting adds a random value to the hash function, which generates unique hashes for passwords. Most modern services use salting, but rainbow table attacks are still launched against outdated applications.

Ultimate digital security

We value your privacy

This website uses cookies to provide you with a safer and more personalized experience. By accepting, you agree to the use of cookies for ads and analytics, in line with our Cookie Policy.