Jeff Atwood on cracking passwords using rainbow tables -- very interesting read. The basic idea is that although nobody in their right minds stores passwords except in hashed form, even this is easy to crack if you have enough time and memory to compute all hashes in advance -- which is why you need ideally user specific salting to help.