Rainbow Crack is the next Microsoft Authentication-killer. Basically this crack generates every possible NTLM hash. These can then be put into a database and searched against. Instead of a crack tool brute forcing a particular hash by comparing it, one by one, with every computed value, this tool precomputes all the values and saves them. For complex passwords, this can save days of crack time. For the most complex passwords, it can save weeks. I believe the whole database can be bought for just over a hundred bucks, in some circles, but this free tool will generate it free.
Been a lot of talk about rainbox tables here and passwords, so here are suggestions on how to withstand even rainbox attacks. Basically, what this tells me is that passwords/passphrases are flawed, fundamentally.