Crack Lost Office Passwords. Attacks



Anyone may at some point face the problem of a lost password. That is why information about password recovery methods is important.

Recovery Time

The time required to recover a lost password depends on the complexity of the algorithm that was used to encrypt the password. The stronger the algorithm, the more complex the procedure of generating a password, and the more time it takes to crack a lost password.

The majority of programs we regularly use have recently started employing rather strong protection methods. This is connected with the rapid growth in the number of hackers who try to get access to other people's private data. Still, there are exceptions to this rule: some programs (which are rapidly falling into disuse) use encryption schemes that are considered weak by today's standards and can be cracked in just a few seconds. For example, the protection of documents in Microsoft Word for Windows v.6 and 7 was so weak that under some circumstances the passwords could be cracked in virtually no time at all. The situation changed with the release of Microsoft Office 97: cracking its passwords became quite difficult (if you don't know the password's length and structure, it may take you years to recover it). Microsoft Word offers even more: the user can choose the encryption algorithm and so decide how strong the protection should be. But the main problem lies in the fact that it is not only hackers who attack passwords; sometimes the password owner needs to restore it too.

Password Recovery Methods

There are a variety of methods that can be used to retrieve data from password-protected Word or Excel documents. These methods even include full decryption of a document without restoring the actual password. In other words, you can restore the data without learning the password that was used to protect the Word or Excel document. But we'll discuss only the most primitive (but sure-fire) methods of restoring the original password. Let us review three of these methods, all based on trying a series of passwords to open an encrypted document:

Dictionary Attack

This method involves making password guesses based on a dictionary – a special file containing a list of words (one word per line). The program tries each line as a password. This method of password recovery is quite fast, and it often proves effective because people tend to choose passwords that are easy to remember: words, names, predictable strings of symbols and so on. But if your password is easy to remember, it is also easy to guess. If you choose your pet's name as a password, you can be sure that your password is already included in a hacker's dictionary.

Brute Force Attack

This is the most reliable but the slowest method to crack a lost password. The effectiveness of this method depends fully on the computing power of your system. This method involves trying all possible passwords, and it always takes a significant amount of time. But in many situations this is the only way to recover your password. If this is the case, your chances depend on how carefully you chose the password.

The "Brute Force With Mask" Attack

This variety of the brute force attack requires less time and fewer computing resources. If you know some part of the password, you can include it in the password mask. The computer will then try to guess only the unknown symbols. The more symbols you can remember, the less time it will take to restore your password.
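
To make the difference between the "Brute Force" and "Brute Force With Mask" sections concrete, the following added example (not part of the original article or of any recovery tool) counts the candidates each approach has to try and converts that into a worst-case time. The mask classes follow the hashcat-style convention (?l, ?u, ?d, ?s, ?a), and the guess rate is a constructed figure; both are assumptions, since the article names neither a mask syntax nor a speed.

```python
# Added illustration: search-space size for plain brute force vs. a mask.
# Mask classes use the hashcat-style convention (an assumption; the article
# does not define a syntax): ?l ?u ?d ?s ?a, and ?? for a literal '?'.
import string

CLASSES = {
    "l": len(string.ascii_lowercase),   # 26
    "u": len(string.ascii_uppercase),   # 26
    "d": len(string.digits),            # 10
    "s": len(string.punctuation) + 1,   # 32 punctuation marks + space = 33
}
CLASSES["a"] = sum(CLASSES.values())    # 95 printable ASCII characters

def mask_keyspace(mask: str) -> int:
    """Candidates described by a mask; remembered characters add nothing."""
    total, i = 1, 0
    while i < len(mask):
        if mask[i] == "?":
            if i + 1 >= len(mask):
                raise ValueError("dangling '?' at end of mask")
            code = mask[i + 1]
            if code != "?":             # '??' is a literal question mark
                if code not in CLASSES:
                    raise ValueError(f"unknown mask class ?{code}")
                total *= CLASSES[code]
            i += 2
        else:
            i += 1                      # known character: nothing to search
    return total

def brute_force_keyspace(charset_size: int, max_len: int) -> int:
    """All passwords of length 1..max_len when even the length is unknown."""
    return sum(charset_size ** n for n in range(1, max_len + 1))

def worst_case(keyspace: int, guesses_per_second: float) -> str:
    """Time to exhaust the keyspace, in the largest unit that fits."""
    seconds = keyspace / guesses_per_second
    for unit, size in (("years", 31_557_600), ("days", 86_400),
                       ("hours", 3_600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:.1f} {unit}"
    return f"{seconds:.1f} seconds"

if __name__ == "__main__":
    RATE = 1_000_000  # constructed guess rate, not a measurement of any tool
    for label, n in (
        ("8 unknown printable characters", mask_keyspace("?a" * 8)),
        ("length unknown, up to 8", brute_force_keyspace(95, 8)),
        ("'Sum' remembered + 3 letters + 2 digits", mask_keyspace("Sum?l?l?l?d?d")),
    ):
        print(f"{label:42} {n:>22,} candidates, worst case {worst_case(n, RATE)}")
```

The same eight-character password drops from 95^8 candidates to 26^3 × 10^2 once three characters and the shape of the rest are remembered, which is why the mask is worth filling in as completely as possible.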