#### Re: Now lets start...

Er, the real problem is not the hash function, it is one or both of these:

1) User choosing short simple passwords (i.e. low entropy), maybe not helped by system with dumb limits like 8 characters max.

2) Users of said hash not salting (1) with sufficient entropy so the **input** to the hash function is big enough that a matching rainbow table is practical to compute.

Really, going from a 256-bit hash **output** to 512-bits only doubles your rainbow table size, but going from 20 bits in to just 28 bits **input**, for example, makes the table 256 times bigger!