Passcovery. Just solve a lost password problem > Help Desk > Knowledgebase

How to Open Encrypted Word Files

Rating (Votes): Article rated 3.7/5.0 (9)

Is there a way to bypass Microsoft Word password protection? Does that depend on the version of Word? What can save me time and money?

Find the answers in this article.

Password protection in Microsoft Word

There are several password protection options in Word:

  • Password to Open
  • Password to Modify
  • Workbook password
  • VBA macros protection

None of them, except for “Password to Open”, encrypt data. They only impose access restrictions. Data can still be viewed, printed, processed by macros but cannot be edited. However it is possible to instantly find, replace or remove this type of “restrictive” passwords from a Word file of any version.


Pic. 1. MS Word password recovery programs instantly find passwords of simple protection

A “Password to Open” is a totally different story.

Using this password special (hashing) algorithms calculate the encryption key which enables other (encryption) algorithms to encrypt all the data in a doc/docx file. Without knowing the password (or… spoiler alert! ;) ... the key) it is impossible to view any data from an encrypted Word file.

Now what if the open file password got lost? Your weapon of choice will depend on the Microsoft Office format the file was saved in.

Removing open file password from Microsoft Word file

There are three Word format alternatives each one featuring different potential for password removal:

  • Microsoft Word 6/95 – Password to Open can be found instantly
  • Microsoft Word 97-2003 (40bit) – rather than searching for the password it is easier to find the encryption key and decrypt a file without knowing the password
  • Microsoft Word 2007-2016 – brute force attack is the only option and the search rate can be increased by GPU-acceleration on AMD/NVIDIA graphics cards

“Password to open” in Word 6-95 files

This is an obsolete format and it’s getting more and more rare. In the case of this file format the security of data is based on a primitive protection algorithm which makes it easy to instantly recover passwords. Neither length nor complexity of a password will pose any problem for a password recovery tool.


Pic. 2. A basic level password cracker would be sufficient to crack a password-protected Word 6-95 file

“Password to open” in Word 97-2003 (40-bit) files

Perhaps the most commonly used format today with its own shortcomings in data security.

The file format uses a very short encryption key. So rather than trying to find the password you just need to find the key which guarantees 100% successful decryption of data. After all no matter how long or complicated a password may be the number of key combinations does not change - it is always equal to 240 (40 bit, you do remember, don’t you?). And God only knows how many password checks it might take…

To calculate the number of combinations subject to verification the following formula is used: the number of characters in a password raised to the power of its length. That is (in the case of the English alphabet) it is 26 lowercase and uppercase letters, 10 digits, [let’s say] 8 special characters – total of 70 characters. Then in the case of a 7-character password there’ll be seven times more combinations than the number of encryption keys: 707 = 8235430000000 / 240 = 1099511627776

And there’s no guarantee of success. Now just imagine if the length of the password is, say, 9 characters…


Pic. 3. Searching for encryption key does not require any settings – just select the file and start the search

Speaking about how easily and smoothly 40-bit Word 97-2003 files (Excel too!) are decrypted one can’t but mention rainbow tables.

Rainbow tables contain precomputed chains of encryption keys which by times accelerates the search of the right key with almost no decrease in success rate. Rainbow tables underpin some online services that open encrypted Word files.


Pic. 4. The use of rainbow tables at AccessBack.com

“Password to open” in Word 2007-2013 files

This file format is gaining popularity and along with brings the era of fast decryption of Word files to an end. What we have to do is to recover the password that is try to find a valid one by sorting through a number of combinations and verify them one by one hoping for successful result within reasonable timeframe.

Apart from increasing the length of the encryption key (for example in Word 2013 it is already 256 bits and it’s impossible to find such a key) program developers also make hashing algorithms more complicated which slows down key generation time. When you enter the correct password it goes unnoticed but when you start sorting through millions of combinations the speed drops lower and lower with each version of the file format. And it doesn’t matter even if you’re using a program with tweaked performance or GPU acceleration.

Pre-conditions for successful recovery of “Password to Open” in Word 2007-2016 files:

  • Customization of verification range. Cutting unnecessary arrays of passwords off will help you save a huge amount of time. Range customization tools include the following: brute-force attack with extended mask and password mutation using dictionary attack. Password mutation enables to cover all the variants obtained as a result of a word transformation while an extended mask defines a list of possible characters for each position in the generated password;
  • GPU acceleration on NVIDIA/AMD graphics cards. Cracking passwords is a perfectly scalable task that modern GPU’s can handle. The more powerful graphics cards you use the higher computation speed and success rate you achieve;
  • Password recovery software tweaked to enable high-speed performance. The tweak makes verification process dozens of times faster. Therefore the speed of verification is one of the most important parameters to be considered while choosing a password cracking program.

Key Points to Remember

Microsoft Word Password Cracking Guidelines:

  • Word 6-95 – instant recovery of passwords using a basic-level program
AccentWPR Logo Accent WORD Password Recovery
basic functionality tool to crack simple passwords
Download for Windows x86
(7208 Kb)
  • Word 97-2003 – guaranteed online decryption of files within 24 hours
AccessBack.com Logo AccessBack.com
online password removal service for Word/Excel 97-2003 files
  • Word 2007-2016 – it is best to use advanced functionality of professional password recovery solutions
AccentOPR Logo Accent OFFICE Password Recovery
finds passwords and decrypts Microsoft Office/OpenOffice files of all versions (fully functional with all GPU’s whether AMD or NVIDIA)
Download for Windows x86
(10116 Kb)
Download for Windows x64
(11688 Kb)
Passcovery Suite Logo Passcovery Suite
flagship software solution supporting Microsoft Office and other popular file formats (OpenOffice, Zip, Rar, TrueCrypt, Apple iOS, BlackBerry OS, WPA/WPA2)
Download for Windows x86
(18912 Kb)
Download for Windows x64
(21172 Kb)
 
Was this article helpful? YES / NO
Related articles How to set, remove and recover a password for an Excel file
Why we do not decrypt Excel/Word 2007-2016 files
How to Break Password Protected Excel File

 
Powered by Help Desk Software HESK, brought to you by SysAid