MS Access Password Recovery & Encryption
Microsoft Access Password Recovery & Encryption Methods
Maintaining privacy and sneaking into privacy is an age old phenomenon. People made locks and keys to prevent unauthorized access and keep privacy. Keys were kept at safe places to ensure their safety. Passwords used to lock files and applications are soft versions of keys kept in some nook of mind. But with growing digital technology, the number of password to remember grew to large number. There are so many passwords to remember, at least 5 to 6 debit card passwords, credit card passwords, email account passwords, files password and many more. In the maze of passwords, it is easy to forget a password or at least get confused from a number of new and old remembered passwords. Some times it can also become necessary to open a password protected file belonging to some other person. Many software applications are available in the market that can perform Microsoft Access password recovery very easily by help of powerful programs coded in them.
Recommended Software for Microsoft Access Password Recovery
Stellar Phoenix Access Password Recovery
Stellar Phoenix Access password recovery is indigenous software of Stellar Information Systems Ltd. for Microsoft Access password recovery. It supports password recovery for Microsoft Access documents created in 97/2000/2003 and 2007. The software can perform Microsoft Access password recovery for version 2003 and earlier, instantly. For password protected files made in higher versions, a separate option is given. User can set options and masks to optimize the character set for Brute Force attack done to recover Microsoft Access password. This method takes some time but if the file is not corrupt and the masking options are done correctly, then the password recovery is guaranteed.
Stellar Phoenix Access Password Recovery is recommended software to recover Microsoft Access password. More information about the software can be collected from the link Page: www.stellarinfo.com/password-recovery/access-password-recovery.php
Understanding Microsoft Access
MS Access is a member application of Microsoft Office Suite. It is a relational database system that stores database in *.mdb or *.mdw format. MS Access can also link to databases made in other applications like MS SQL Server, Oracle, Outlook, etc. To prevent unauthorized access to database MS Access gives a password facility that can be implemented at user and database level. Database level password prevent database from opening to unauthorized persons while user level passwords prevent unauthorized access to the application itself. User passwords are not stored in database file as it is the case with database files. Many times it happens that the user forgets the password. It can also be necessary to open a database file due to security reasons during investigation. Till MS Access 97, the database application used very weak encryption that was easily recoverable. In MS Access 2000 and later versions the encryption method is considerably improved and application user level password option is eliminated.
Understanding Microsoft Access Password Security
Microsoft Access gives an option to set password that restricts unauthorized users to open Access database file. Microsoft Access used to provide user level passwords before its 2003 version but this option was eliminated in later versions. The encryption method used in Microsoft Access 2003 and lower versions was very weak, so it was very easy for Microsoft Access password recovery. A XOR operation of password key and Access document was done and stored in the header. But in later versions, Access database security is considerably increased. The process of Microsoft Access Password recovery became complex and time consuming. Microsoft Access application employed strong encryption methods that are immune to any direct attack. Only strategies to recover Microsoft Access Password possible for now are dictionary attack and brute force attack. Brute Force with masked attack, a variation of Brute Force attack is also used generally for quick Microsoft Access password recovery.
Password Mechanism in MS Access 97
MS Access 97 uses a weak password implementation system. It does XOR operation of password string and a constant array. The resultant is attached to the start of file as first 256 bytes of file. When XOR operation is done between two series of bits and if the resultant is again XORed with one of the operand, first operand is the resultant. This property of exclusive-OR operation is used to extract the password from the file. The password is stored in the file in plain text format. Array that is used for XOR operation with the password text is {&H86, &HFB, &HEC, &H37, &H5D, &H44, &H9C, &HFA, &HC6, &H5E, &H28, &HE6, &H13, &HB6, &H8A, &H60, &H54, &H94}. An XOR operation is done with Byte (I + &H42) and Array (I). The result of this XOR operation is the character of password. ‘I’ is an incrementing value and this process is repeated 16 times. Like this, all the characters of the password are found. A fraction of the algorithm used for password extraction process can be written as,
Array_For_Compare = Array {&H86, &HFB, &HEC, &H37, &H5D, &H44, &H9C, &HFA, &HC6, &H5E, &H28, &HE6, &H13, &HB6, &H8A, &H60, &H54, &H94}
strPasswd = vbNullString;
int I = 0;
do {
// Get a character from the password by doing a XOR with the appropriate value in // XorBytes array.
Currentalphabet = Char (Bytes (I + &H42) XOR Array_For_Compare( I));
// If Currentalphabet = NULL get out of the loop.
If (Currentalphabet = 0)
break;
// concatenate Currentalphabet password character to password string.
strPasswd = concat (strPasswd, Currentalphabet);
I ++;
}
While (I<=17)
File_password = strPasswd;
With such an easy method to find MS Access password, security in MS Access is considered as very fragile. Microsoft Access improved its password mechanism in its subsequent versions after Access 97. Passwords of other versions of MS Access like 2000, 2003 can be recovered using techniques like dictionary attack, brute force attack, or brute force masked attack.
Various Password Attack Methods
Dictionary Attack
Many people keep meaningful words of some object or other dictionary word as password. The password can be name of animal, place, thing, habit or any other dictionary word. People think that setting dictionary words as password will help them in remembering the password easily. Dictionary attack is based on this psychology. All the words of dictionary are compared linearly with the password to find a suitable match and Microsoft Access password recovery ultimately.
Brute Force Attack
Brute Force attack is based on the fact that if password exists then it is among one of the permutations of the available set of characters. Brute Force attack makes words of all the possible arrangement of characters and matches them with the file one by one. Eventually, at any point of time the combination that makes the password will be matched and found. This method of Microsoft Access password recovery can take time from seconds to a number of days.
Brute Force with Mask Attack
Brute Force matches all the possible combinations of the given character set. The length of character set ranges from one to unlimited and also the character set includes all the characters that can be typed from keyboard. If all the possible combinations of all the possible characters is matched then it will take a lot of time may be thousands of years for Microsoft Access password recovery. Brute Force with masked attack works on the principle that if any information about the password is known, it can be used to reduce the number of combinations of characters made for Microsoft Access password recovery. Maybe the starting characters are known, length of password is known, boundary of the length is known, only small letter alphabets are used or characters that are not used for making the password are known. All these factors reduce the number of attacks needed for Microsoft Access password recovery considerably.
http://www.recoveryknowledgebase.com/Microsoft-Access-Password-Recovery.htm
0 commentaires:
Enregistrer un commentaire