We have to inform that there is no magic wand software to uncover encrypted data. Most people don’t expect recovering the password to encrypted documents to be a very slow and resource-intensive process but it is. Below, we explain in simple words what the password recovery procedure is and how it works on our cloud service.
Let us assume that you accidentally lost the password to a protected file of yours and you want to restore the password.
First, you shouldn’t waste your time trying to find a program for hacking protected files easily because such programs don’t exist. All modern software like MS Office use cryptographic algorithms to encrypt data; the stability of these algorithms is proved mathematically.
So, the password recovery procedure is a long search through a huge number of variants for a proper password. Just for you to imagine the scale of the work: there are more than 60 quintillion (60 * 1018) variants of 10-character passwords. That number reflects only passwords that were made up of English alphabet letters, numbers and special signs. If there is the Greek alphabet and other symbols to choose from, the number of possible variants will increase even more, so, that even a supercomputer couldn’t handle a direct search (the so-called brute force method) through such a large number of possible passwords within a reasonable period of time because a testing procedure for each possible password needs complex mathematical calculations that require significant processor time and power. The more complex the encryption algorithm is, the slower the password search process.
But things are not as bad as they seem to be. People usually choose an “easy to remember” password, which makes it easier to recover. A great number of commonly used passwords have a simple, readable form or are compiled according to certain rules. These are common words like “shadow,” pet nicknames, word combinations like “letmein,” words plus numbers like “John1234,” dates of birth, easy combinations of digits like “654321,” letter neighbors on the keyboard like “asdcxz,” and other types of passwords that are easy to remember for almost anyone.
There are not many of these types of combinations compared to the 60 quintillion total possibilities, which greatly simplifies our task. At the moment, we have collected a database of more than 20 billion commonly used passwords for brute force cracking. This passwords database gives us a good chance, but it still does not guarantee 100% success. Nevertheless, we successfully find the password in more than half of the cases, which is a good result.
As a bonus for our visitors, we try to recover your password for free with our dictionary of the 3 million most popular passwords. The probability of a successful password recovery is lower than using our large database, but this attempt is carried out almost instantaneously and still has a good chance for success.
If a quick search through the most popular passwords is not a success, then we use the whole database for the search and it can take up to 24 hours.
If you know the structure of the lost password, you can search through all the possible passwords using a mask. For example, if you know that the password consists of 8 or 9 characters, starts with “999,” and the remaining characters are letters of the English alphabet in lowercase, then that makes the search process much easier. In this case, the total number of all possible variants is 333,629,036. Our computing cluster will brute force such a protected file in just a few minutes.
Brute-forcing a password with a dictionary is a fixed-cost work, but brute-forcing with a mask is a custom task. You may use the custom request page to describe everything you know about the lost password: the expected length and character set, etc. Perhaps, you know characters that your password begins or ends with. We can create masks with these criteria, calculate the total number of possible password variants and let you know about the work cost.
Note that it would be a pre-paid work and the success is guaranteed only if the specified mask parameters were correct. If you make a mistake describing the password structure (for example, the password was actually longer and/or contained characters outside the specified set), then the composed mask won’t help to find it. However, the work was done and the payment is not refundable. Use the brute-forcing by mask only when you are sure about the exact password structure!
Actually, no. Surely, you can try some password recovering programs on your computer, but mind some important facts:
That was the basic information about how password recovery works. If you have any questions, visit the FAQ section or contact us. We will be happy to help you!
Copyright © 2017-2023 LostMyPass.com