Nonetheless, a password can be fairly quickly picked with brute-force attack, because its speed is still high regardless of the CSP selected. If a strong CSP is chosen, guaranteed document decryption becomes unavailable, and therefore a password can't be removed from the document. Word's 2003/XP default protection remained the same but an option that allowed advanced users choosing a Cryptographic Service Provider was added. Statistically, the possibility of recovering the password depends on the password strength. Use of rainbow tables by online services like can not only remove a password, but also find an actual password that was used by a user to encrypt the document using brute-force attack approach. However, modern cracking software allows removing such a password very quickly - a persistent cracking process takes one week at most. Key length in Word was strengthened up to 40 bit. Word 95 and all the preceding editions had the weakest protection that utilized a conversion of a password to a 16-bit key. Password to open a document offers much tougher protection that had been steadily enhanced in the subsequent editions of Microsoft Office. There's no encryption of documents that are protected by such passwords, and Microsoft Office protection system saves a hash sum of a password in a document's header where it can be easily accessed and removed by the specialized software or online services like.
The second and the third type of passwords were developed by Microsoft for convenient shared use of documents rather than for their protection.
0 kommentar(er)
