tech

January 19, 2026

Mandiant releases rainbow table that cracks weak admin password in 12 hours

Windows laggards still using the vulnerable hashing function: Your days are numbered.

Mandiant releases rainbow table that cracks weak admin password in 12 hours

TL;DR

  • Mandiant released an NTLMv1 rainbow table database to expose the weakness of the deprecated hashing algorithm.
  • This database allows passwords protected by NTLMv1 to be cracked in under 12 hours using consumer hardware.
  • NTLMv1's limited keyspace makes its rainbow tables easier to construct.
  • Despite known vulnerabilities since the 1990s, NTLMv1 is still used in sensitive networks due to legacy apps and critical system constraints.
  • Mandiant hopes this release will help security professionals convince organizations to migrate to more secure hashing algorithms.
  • Microsoft introduced the more secure NTLMv2 in 1998.
  • Mandiant advises organizations to immediately disable the use of Net-NTLMv1.

Continue reading the original article