Proton

Hackers use various methods to crack passwords, and one of them is the rainbow table attack. In certain cases, this method can be faster than dictionary attacks(ventana nueva) or credential stuffing(ventana nueva).

In this article, we explore how rainbow table attacks work and discuss ways to prevent them.

Rainbow table attack definition

A rainbow table attack is a cryptographic attack hackers use to break into systems by figuring out passwords from their hashes, which act as digital fingerprints. A hash function maps each password with a corresponding string of characters.

Unlike a brute-force attack(ventana nueva) that tries every possible password one by one, a rainbow table attack doesn’t require guesswork once the table is precomputed. This precomputed table (known as a rainbow table because of the way it looks if color-coded) is essentially a large database of hash value pairs linked to their plaintext counterparts.

How a rainbow table password attack works

1. Creating a list of passwords

When creating rainbow tables, hackers often target the most likely and commonly used passwords with simple patterns (for example, 123456, password, or qwerty), dictionary words, or password dumps obtained from data breaches.

2. Selecting the hash function and converting the passwords

Rainbow table attacks work well with simpler, faster cryptographic hash functions like MD-5, SHA-1, LM Hash, or NTLM Hash since they don’t use security features like salting (adding random data to each password before hashing) or key stretching (repeatedly hashing the password).

Password hashed with MD-5Plaintext password
482c811da5d5b4bc6d497ffa98491e38password123

Each plaintext password runs through the hash function to generate its corresponding hash, which has a unique, fixed-size string of characters as in the example above. Once all passwords are hashed, the hacker can use them to create the rainbow table.

3. Creating the rainbow table to reveal passwords

A rainbow table can be seen as a big Excel sheet, with hashed passwords in the first column and plaintext passwords in the second. If a breached hash is present in this table, that means the breached password is the cell next to it.

Rainbow table attack examples

Here are two hypothetical examples to illustrate how a rainbow table attack could play out:

  • A hacker identifies a social media site that uses an outdated hashing algorithm without any salting. By exploiting a SQL injection flaw, the attacker extracts the hash values of user passwords from the website’s database. Then they use a precomputed rainbow table to quickly convert thousands of these hashes back into plaintext passwords, compromising user accounts.
  • During routine network monitoring, a hacker discovers that an e-commerce website transmits password hashes insecurely between its servers and uses network sniffing tools to capture this data. Since they now have access to the password hashes, the hacker uses a rainbow table attack to decode customer passwords, gaining access to their shopping accounts and personal information.

Rainbow table attack data breaches

Rainbow table attacks have been used in the real world to steal millions of login details. 

For example, a 2012 LinkedIn hack(ventana nueva) by Russian cybercriminals resulted in the theft of nearly 6.5 million user account passwords, causing a significant data breach. Following the initial discovery, LinkedIn found an additional 100 million compromised email addresses and passwords in 2016 related to the same incident. The stolen passwords were poorly protected, lacking additional security measures like salting, making them easier for attackers to decrypt using standard rainbow tables

How to prevent rainbow table attacks

Choose platforms with strong hash functions

Secure hash functions like bcrypt(ventana nueva) or Argon2(ventana nueva) use salting(ventana nueva) to add random data to your password before creating its hash. Without the salt, the password’s hash won’t show up in a rainbow table, so an attack would fail.

To find out what hash functions a specific service or app uses to store passwords, check its privacy policy(ventana nueva), FAQ section, support page(ventana nueva), security certifications or audits(ventana nueva) (if any), technical documentation, or developer resources(ventana nueva). A simple internet search should work, or you can contact customer support(ventana nueva) and ask.

If you run your own websites or databases, keep your security settings updated by using plugins or modules that implement strong hashing algorithms.

Use complex passwords

Instead of using easy-to-guess passwords, opt for secure passwords(ventana nueva) made from at least 12 characters, which contain uppercase and lowercase letters, numbers, and symbols. Examples of strong passwords are ?GmmM1Z[c5:F or beht=ty]P:)Gf^c?p?+7. It’s unlikely for a cyberattacker to target such complex passwords using rainbow table attacks.

Turn on multi-factor authentication

Multi-factor authentication (MFA) like two-factor authentication (2FA)(ventana nueva) adds at least one more form of authentication to the password request, such as a code on your 2FA authenticator. If an attacker successfully discovers your password after a rainbow table attack, they won’t be able to pass the next steps of authentication.

Additionally, if you get an unexpected request for extra verification, it’s a clear sign that someone is trying to get into your account. You can quickly respond by changing your password.

Use alias email addresses

Alias email addresses(ventana nueva) can protect you from data breaches that could lead to rainbow table attacks since they are not connected to your primary email addresses. For example, you can keep using your main email for important messages and finances while reserving email aliases for less secure activities, such as signing up for untrusted services. If your alias email address is hacked, you can simply disable it.

Monitor the internet for data breaches

By staying informed about the latest breaches, you can determine if any of the services you use have been compromised and if your data has been leaked. This allows you to take proactive steps, such as changing your passwords immediately, to prevent hackers from using potentially exposed data to gain unauthorized access to your accounts. 

How Proton Pass can help

Proton Pass can protect you from rainbow table attacks by generating strong passwords(ventana nueva) and managing them in one place. It also supports a TOTP (time-based one-time password) authenticator for 2FA tokens(ventana nueva). Additionally, the app offers hide-my-email aliases(ventana nueva) to prevent your primary email address from being exposed online.

All Proton Pass subscribers can use Pass Monitor(ventana nueva) to monitor the health of all passwords and Dark Web Monitoring(ventana nueva) to track various sources for data breaches. Our security model(ventana nueva) uses the secure bcrypt hashing algorithm, which salts your passwords before hashing them to stop rainbow table attacks. Furthermore, we run an advanced security program called Proton Sentinel(ventana nueva) to detect and prevent account takeover attacks.

Start securing your accounts from rainbow table attacks by signing up for a free Proton Pass account today.

Artículos relacionados

The cover image for a Proton blog, showing a phone screen with a lock logo and three password fields surrounding the phone
en
Here's what to look for when choosing an enterprise password manager to streamline collaboration and protect your organization's sensitive data.
en
  • Guías de privacidad
Learn how to unsend an email, how it’s useful for personal or business emails, and how Proton Mail can help.
Proton Mail and Proton Calendar winter product roadmap
en
  • Actualizaciones del producto
  • Proton Calendar
  • Proton Mail
Preview upcoming updates to Proton Mail and Proton Calendar, including performance boosts, new features, and enhanced privacy tools.
Gantt chart displaying Proton Drive plans and development of new features
en
  • Actualizaciones del producto
  • Proton Drive
Discover the tools, features, and improvements coming to Proton Drive’s secure cloud storage and document editor this winter and spring.
laptop showing Bitcoin price climbing
en
  • Guías de privacidad
Learn what a Bitcoin wallet does and the strengths and weaknesses of custodial, self-custodial, hardware, and paper wallets.
pixel tracking: here's how to tell which emails track your activity
en
Discover what pixel tracking is and how it works, how to spot emails that track you, and how to block these hidden trackers.