How To Recover Forgotten Microsoft Word Passwords
by Ingrid Swanson - Thursday, 19 July 2007.
Microsoft Office applications have an option for setting up different levels of passwords. They can be used for specific actions such as preventing reading, writing or adding a master password to a file. In my case I needed to recover a passworded Microsoft Word file I snatched from my old PC backup. While setting the password to a Word file, it will explicitly tell you that it cannot be recovered if you forget it. But, where there is a will there is a way.



Russian password recovery experts Elcomsoft have a neat little tool called Advanced Office Password Recovery. The software can be downloaded as a 30 day trial, or you can chose between three paid versions: Home, Standard and Professional. The prices vary from $49 for the home version to $199 for professional one. Matrix of differences in these versions can be found over here.

The software has extensive password recovery options for different Office applications, but I used my Home version just for mangling with Microsoft Word.

When you open the application, you can chose different types of attacks. In majority of cases dictionary attack will be just enough. A large base of Word users uses normal phrases for this kind of passwords. Open a Word file and the password recovery process will start:



The software is very fast and as you can see from the lower right bottom of the screenshot below, it tested approx. 17,000 passwords per second. In its peaks the number was up to seven times bigger.



Two minutes after starting the scan I got a positive response from the software and it showed that I was one of "those" people that use their dog's name as a password. Shame on me - the only thing I can say to my defense is that this Word file did not hold any important information.



While playing with the software I tested it against some different types of passwords such as random gibberish and birth dates. Of course, the dictionary was not enough for recovering these passwords, but the brute force attack came to the rescue and delivered results.

Spotlight

Biggest ever cyber security exercise in Europe is underway

Posted on 30 October 2014.  |  More than 200 organisations and 400 cyber-security professionals from 29 European countries are testing their readiness to counter cyber-attacks in a day-long simulation, organised by the European Network and Information Security Agency (ENISA).


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Oct 30th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //