• Hi All

    Please note that at the Chandoo.org Forums there is Zero Tolerance to Spam

    Post Spam and you Will Be Deleted as a User

    Hui...

  • When starting a new post, to receive a quicker and more targeted answer, Please include a sample file in the initial post.

Remove password

rickgram

New Member
Earlier versions of Excel had laughably weak password protection. Sheet protection (and similar components) gave instructions on creating a complex password. Meanwhile, Excel hashed whatever complex string of numerics, upper and lower case letters, and special characters you entered into a string of A's and B's with one additional character at the end. The length of the hash bore no relationship to the length of the "complex" password entered by the user. A 15 character password could end up as AABA#. Anyone who could write a little VBA could break those passwords by brute force attack in seconds. I did it myself one time when I forgot a password and could not locate my freeware tool, and I am no master of password cracking. That is, it was so simple that it was easier to write new code to unlock the workbook than to poke through my files to find the password identification software. Once identified, the hash was all that was required to unprotect the sheet and workbook elements. The VBA project password was harder and could not easily be discovered, but it could be removed pretty easily. Unlike the sheet/structure password bypass, removing the VBA project password leaves a tell that the project is changed, since it no longer has a password.

I had someone in my company who wanted me to protect a proprietary algorithm for a particular calculation in Excel. I told him that anyone who could open the workbook could unlock and examine his algorithm to their heart's content. The only way we could secure the algorithm against most attempts to view it was to password protect the workbook against opening, which would defeat the purpose of someone's being able to use the calculation. He needed a different system to secure the proprietary algorithm. Excel project and earlier password schemes were little more than TSA locks. It actually helps to know this kind of thing, as one can protect oneself and one's clients from being deceived by the appearance of security when none is actually present. It's a bit like Kryptonite bike locks from a decade or so ago that looked so secure, but could be opened with a Bic pen.
 

gwj89

New Member
Hey, I have problem with an old .xls file. I found it on my HDD yesterday, and it has opening password. So I can't event use any visual basic code (even if I could programming in it... I didn't even use any macros). All I found in the Internet is either useless for this file, or I can't understand it. Probably it's not anything important, but I want to at least know what is in this file, just for sure (I have tendency to name files with acronyms). Is there any free option (I don't want to pay $19 just to know if I should delete the file or save it...) for n00b like me, to remove the password (because my passwords was usually whole sentences like "iD0nTreM3m83RpA$zVVorD", so brute-force will take years...)? It's just opening password for sure, I never used sheet passwords. Could someone help me?

I tried open it in 7zip, but the structure is weird, it's not .xml like I saw in the Internet. It's either from Excel 2003 or 2007, I don't remember which exactly, but I used just these 2 versions on that PC so it can't be any other version.
 

goodkat

New Member
Like you, I moderate multiple boards/forums (five, actually). At none of them is any discussion of methods to bypass any security measure condoned. Other forums I participate in also have similar policies. See, for example:
Ohhhh SPARE ME YOUR NONSENSE

This so called protections are not there to avoid stealing intellectual property, they are merely a deterrent for people trying to tamper the files are commonly used in a business or company.

For instance, recently a colleague left the company and he did a few updates several months back. Now we need to trace back the information and he of course doesn't "remember" the password nor the changes; he is not even obliged to tell anything cuz is not legally binding.

Now I need to check all the files to compare.

In other cases, there are files used for a decade and nobody has a password anymore, still we need to modify and adapt these macros.

sooooo again, go to another place to claim ur lame SJW crap and let the people be responsible by themselves
 

Hui

Excel Ninja
Staff member
Ohhhh SPARE ME YOUR NONSENSE

....
sooooo again, go to another place to claim ur lame SJW crap and let the people be responsible by themselves
Goodkat

Thankyou for your input.

You will be aware of forum rules that asks that we treat others with respect.

You are quite at liberty to express your opinion. But please do it a respectfull fashion in the future.

Hui...
 
Top