It's simply not practical to crack the 256 char Extended-ASCII set even for relatively short passwords of 8 chars. The closest I can find [1] is a 576GB set of tables to crack ASCII chars 32-95 and a max of 8 chars. That's less than 1/4th the entire Extended-ASCII keyspace.
Perusing through the discussion group on a distributed rainbow table generation program[2], I don't find any support for either longer passwords or larger character sets tables. The best I can find is long passwords with a hybrid approach where they crack 10 char passwords, but only ones that follow a specific formula - [A-Z][a-z]{5}[a-z0-9]{2}[0-9]{1,3} As for generating my own tables, here's a calculator[3] that I think demonstrates the futility of that for any large keyspace. Again, we still haven't dipped into 2-byte (Unicode) characters, which will square the keyspace. Finally, this quote is interesting[4]: ...Most password crackers cannot crack passwords with ALT characters... Granted, this article is a few years old, but it does seem to support the list of safe alt-chars that I mentioned previously so I think that still has some value. [1] http://project-rainbowcrack.com/buy.php [2] https://www.freerainbowtables.com/phpBB3/topic2629.html [3] http://www.tobtu.com/rtcalc.php [4] http://www.ethicalhacker.net/content/view/94/24/ -----Original Message----- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Friday, September 09, 2011 8:03 PM To: NT System Admin Issues Subject: Re: password questions On Fri, Sep 9, 2011 at 6:02 PM, Crawford, Scott <crawfo...@evangel.edu> wrote: > I don't think that's true. Point me to a rainbow table that has that > large of a keyspace. I can't say I've looked exhaustively, but I've > not been able to find one that even exhausts the entire ascii space, let > alone Unicode. Use a program that lets you generate your own rainbow tables for whatever character set you want. RainbowCrack does, I believe. People on this list have claimed to have such rainbow tables. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin