In 2004 chief Information Officer of Guardeonic Solutions Thorsten Delbrouck discovered a way to bypass a password used to protect MS Word documents. (See References 1) He sent his discovery to Microsoft. Microsoft responded to the discovery by saying the password security option offered was never intended to keep hackers out. According to Microsoft, the password option was created to add light security to keep unintentional changes to documents from taking place. (See References 3) People password protect their Word documents to keep others from changing or even stealing their work. Now bypassing a password that was created-and more than likely forgotten-is available.
Open a password-protected document in MS Word. (See References 2)
Right-click on the document to save as a web page (for example, with the file extension ".html"). Close Word.
Open the HTML document in any Text Editor. (See References 2)
Search for the "<w:UnprotectPassword>" tag. The line will look similar to this: "<w:UnprotectPassword>ABCDEF01</w:UnprotectPassword>."
Keep the "password" in mind. (See references 2)
Open the original document -- with the ".doc." file extension -- with any hex editor. (See References 2)
Search for hex values of the password (reverse order!) (See References 2)
Overwrite all four double-bytes with 0x00. (A double-byte is also called double-byte character set. It refers to a character set where each graphic character is encoded into two bytes, a lead byte and a trail byte. It's a computer language where information is held.) Save this then close it.
Open the document with MS Word, select "Tools / Unprotect Document." "Tools" is located at the top of your document labelled "Tools." Click that button to get a drop-down menu and then select "Unprotect Document." Your password is now blank.
Things you need
- Microsoft Word