How do I decipher a password

Decrypt everything on the PC - that's how it works

Thorsten Eggeling

Not all encryption is as secure as it seems. The article introduces decryption tools and gives tips for more security.

EnlargeA secure password should consist of random characters.
© istockphoto.com/Igor Averin

Encryption can be used to protect important data from prying eyes. There are many good reasons for this. A notebook can be stolen and personal files could fall into the wrong hands. On all computers - whether mobile or stationary - there is a risk that malicious software will read access data for online banking, for example, and send it to criminals. And then there are supposed to be some government agencies that spy on citizens' data on a large scale.

To prevent this, we recommend using special encryption tools or encryption functions in the software. For example, Windows 7 (Ultimate / Pro) with Bitlocker offers an easy way to encrypt the system hard drive or a USB stick. Alternatively, you can use Truecrypt. Without access to the PC with the drives that have just been decrypted, both methods are currently considered secure. In order for encryption to really protect you, however, you should observe a few basic rules when dealing with passwords. Point 1 shows what these are.

The big PC security check

This article introduces tools you can use to test that you can bypass the encryption. You can of course also use the programs if you have forgotten a password. Please note: You may only use decryption tools for your own files. If you use it to gain access to third-party content or use the tools in the company network without permission, you may be liable to prosecution.

1. A good password for more security
In principle, any encryption can be bypassed. It's only a matter of time. A current PC can do around a billion password calculations per second. Let's say a password is ten characters long and consists of uppercase and lowercase letters and numbers. An attacker would have to try 6210 characters, which could take up to 27 years. If, on the other hand, it is only six characters long, it takes less than a minute.

EnlargeYou can generate a random password on the website www.browsercheck.pcwelt.de. Several options can be used to determine which characters the password consists of.

A prerequisite for a good password is that it is not in a dictionary. Of course, simple passwords such as "Susanne" or "Superman" are problematic, but also variations such as "2u2ann3" or "Sup3rman". Extensive word lists circulate in criminal circles. If you want to find out a password, simply try out all the terms from the dictionary. Only if that does not continue, random passwords continue, which, however, takes a correspondingly long time.

A secure password should therefore consist of randomly thrown together characters. You can generate it online, for example, via browsercheck.pcwelt.de. Use different passwords for each online service and for each program. A password safe like Password Depot can help you manage a large number of passwords. This allows you to save all passwords in a database and protect them with a particularly secure master password.

How to crack your forgotten password

EnlargeThe free tool Free Word and Excel password recovery Wizard decrypts Word and Excel files up to program version 2003.

2. Password protection for Office, PDF, Zip & Co .
The password protection of current Office products from Microsoft and other manufacturers is so good that it can only be removed with a brute force attack, i.e. by trying out all possible password combinations. With older products, however, the encryption was mostly weak. For Word / Excel 97 to 2003 there is the tool Free Word and Excel password recovery wizard, with which the password can be found out quickly.

EnlargeOffice Password Unlocker costs just under 30 euros. With the program packages Office 97 to 2010, the tool can decrypt files if you have forgotten the password.

With Word 2007/2010, password protection is difficult to bypass. We are not aware of any free software from reputable sources. With Office Password Unlocker you will find a suitable tool at passwordunlocker for around 30 euros. It can handle protected Word, Excel, Powerpoint and Access files from Office 97 to 2010. There is a limited trial version available for download, which displays only three characters of the password found and only checks 10,000 word combinations. The same manufacturer also offers tools at prices between 16 and 30 euros that can be used to remove passwords from PDF, ZIP and RAR files. This only works with a brute force attack and can therefore only be managed with short passwords in a reasonable period of time.

3. Browser and email passwords
If you save passwords in the browser or e-mail program, these can in principle be read by malicious software. How easy it is is demonstrated by the free Web Browser Pass View tool, which displays user names and passwords saved with Internet Explorer, Mozilla Firefox, Google Chrome, Safari or Opera. With Firefox this only works if you have not assigned a master password via "Settings ➞ Security". Mail Pass View does a similar thing for Outlook Express, Outlook 2000 to 2013, Windows Mail, Mozilla Thunderbird.

4. Serial numbers of installed software
If you want to reinstall the entire operating system or individual programs, you will probably need a license key for some products. But what if the email or the note with the key can no longer be found? When it comes to Windows and Microsoft Office 2000 to 2010, the Produkey tool can help (before reinstalling). It shows the product keys of the programs. License Crawler provides information on other programs. It scans the registry and shows the serial numbers, product and license keys neatly sorted.

These free tools save your data in an emergency

5. Find out Windows password