You wouldn't use rainbow tables for a scheme like using hash(secret phrase + domain) to generate personal passwords, you'd use a dictionary attack where domains are the words, followed by a brute-force technique (which you'd use if you lacked the secret key). If I know you use such a scheme and I learn your secret phrase, your email provider and bank account websites would be the first on my list. It becomes no more secure than using the same password on every site plus the domain name at the end. The benefit is that you never have to trust all those different websites with your secret phrase.
The parenthetical in my above comment calls back to a comment by some early giant in cryptology (I think). It's best to have all the details about your specific method of hiding data known publicly, with the secret key being the only private piece of information.
The parenthetical in my above comment calls back to a comment by some early giant in cryptology (I think). It's best to have all the details about your specific method of hiding data known publicly, with the secret key being the only private piece of information.