I just learned about rainbow tables and cracking password hashes.

[PrincessFluttershy]

Okay thanks.
So I'm still looking at gaia when I'm talking about cracking passwords, I'm guessing they add a ton of "salt" to the hashes.
The easier to crack the password also depends on how long it is and what characters than?
Thanks for the link, I'm about to look at it.

The website I linked you can be thought of as one giant rainbow table. Hashes are calculated by a certain algorythim which can be decrypted with the the same formula. The point of rainbow tables is so that all the hashes are already pre-calculated and the corresponding password is saved to match the exact hash. The reason why it's not quite as feasible for someone to use their own rainbow table is because the amount of data storage you would need, as well as saving all of that data with no efficient way to sort and search the hashes makes it not worth it. Of course you would also need to calculate an asston of hashes and their corresponding passwords and save them yourself, ya-da ya-da. It would only be plausibly done by an automaton. Doing it by hand wouldn't be worth it.

For this reason, the shorter the password is, the easier it is to 'crack it'.

That is because 1 character has x amount of possibilities, (idk 40?) so there are a total of 40 hashes that need to be saved. When it is 2 characters, it is 40*40 because there are suddenly 40^2 combinations, so on and so fourth of pre-saved hashes. Anyone feel free to correct me if I'm wrong, half of this is out of my ass.

[Use]

The website I linked you can be thought of as one giant rainbow table. Hashes are calculated by a certain algorythim which can be decrypted with the the same formula. The point of rainbow tables is so that all the hashes are already pre-calculated and the corresponding password is saved to match the exact hash. The reason why it's not quite as feasible for someone to use their own rainbow table is because the amount of data storage you would need, as well as saving all of that data with no efficient way to sort and search the hashes makes it not worth it. Of course you would also need to calculate an asston of hashes and their corresponding passwords and save them yourself, ya-da ya-da. It would only be plausibly done by an automaton. Doing it by hand wouldn't be worth it.

For this reason, the shorter the password is, the easier it is to 'crack it'.

That is because 1 character has x amount of possibilities, (idk 40?) so there are a total of 40 hashes that need to be saved. When it is 2 characters, it is 40*40 because there are suddenly 40^2 combinations, so on and so fourth of pre-saved hashes. Anyone feel free to correct me if I'm wrong, half of this is out of my ass.

Oh okay, I'm starting to get it.
Just using this method is still confusing to me as what the input would be.

I see Flareboy lurking, maybe he can correct or add anything.
Thanks!