The length of the password only somewhat matters for rainbow tables -- they're not limited to dog-sized passwords -- but also, I rarely come across implementations these days that do not use a salt of some kind, which defeats existing rainbow tables. Generating one-off tables is about as expensive as just cracking the hashes directly.
(Then again, the implementations I see are mostly from well-known projects or customers that care enough about security to hire us. It's biased, but I do think word has gotten round about hashing and salting.)
