Home :: Excel Password Recovery
Excel Password Recovery
Recovering Excel passwords
1. File open passwords
All Excel versions through Excel 95 are relatively insecure and passwords can be recovered quickly. The document must contain enough text inside (minimum 1 page) to allow password recovery as it is based on statistical methods. Without enough text, the password recovery may fail.
Excel 97 and Excel 2000 have more secure password protection. Two ways are there to recover Excel password in this case. The first way is to search all of the password variants (brute-force or smart force attack) or dictionary search. This method turns up with good results only with case of short password.
Where the password is complex or long, it is better to use key recovery. But remember that key recovery is only applicable for file open passwords.
You can use key recovery to recover Office XP documents if only they were saved in default (Office 97/2000 compatible) encryption mode. If a document has been saved in advanced encryption mode, key recovery will not open your file.
Excel 2002 (XP), 2003 has opportunity to choose encryption mode - weak protection as in old versions, standard (used by default) as in Excel 97/2000 and several advanced encryption modes. Key recovery doesn't work with advanced encryption modes. If you protect your document with several types of passwords and one of them is a file open password, first you have to recover the file open password and then recover the other passwords.
2. File modification passwords, Sheet and Workbook passwords
All these types of passwords can be recovered quickly.
There are two ways to recover these password types:
3. VBA module passwords
VBA module passwords are only stored in the document for version 97 and earlier, and can be readily recovered with VBA password recovery software (note: standard Excel password recovery software does not recover VBA passwords). For version 2000 and later, the password is stored as a secure hash. It is impractical to recover the original password, and the only practical approach is to either overwrite the password with a new (known) password, or remove it altogether.