The program offers administrators a comprehensive solution for recovering passwords to documents and files when employees forget their passwords, or when they deliberately add passwords to documents in an effort to sabotage their companies. In addition to supporting Microsoft Office 97/2000/XP/2003 documents, PDF files, PKCS#12 certificates, PGP and LM/NTLM hashes used in Windows NT/2000/XP/2003 logon passwords, PGP Whole Disk Encryption, Microsoft Money and OneNote, Intuit Quicken, Lotus Notes ID files, MD5 hashes, the program can now handle new Microsoft Office 2007 encryption.
Microsoft Office documents security is considerably enhanced in version 2007. The encryption information block is the same as in Office XP/2003, but Office 2007 always uses AES encryption (is the strongest industry-standard algorithm available) with 128 bit key and SHA-1 hashing; besides, new version improves the algorithm of converting passwords into keys: 50000 SHA-1 sequential iterations are being performed now. You would never notice it when opening a file because the whole process requires less than a second. But in a password recovery process, the speed drops significantly: one can test only about 500 passwords per second even on cutting-edge processors such as Intel Core 2 Duo. Thus, one computer can find 4-5 letter passwords only, and so the only way to recover longer passwords to Office 2007 documents is using a cluster. 1000 computers are able to maintain the speed at 500,000 passwords -- comparable to the speed of password recovery on a single computer for older Microsoft Office documents.
Before Distributed Password Recovery, the most effective way to recover a lost password was to put the locked file on the fastest machine in the company, and use brute force to attack the password. Distributed Password Recovery lets you coordinate all of the unused computing power of every computer on your LAN or WAN, and use distributed processing to restore the lost password, which makes the brute-force attack very effective even for the documents where the strong encryption is being used, such as in Office 2007.
Distributed Password Recovery installs "Agents" onto as many computers on the network as the user desires. Each of these Agents uses brute force to try to recover the lost password. The program ensures that these Agents work together, and combine their computing power to find the lost password. The more computing power available, the faster the recovery speed.
Another module of the program, the Console, is designed to manage the Agents. This solution is best for big enterprises with thousands of clients, when employees leave without un-protecting their mission-critical documents.
The program restores passwords for PDF files, Word and Excel documents encrypted with 40-bit keys (Office 97/2000 compatible), as well as more recent documents (Office XP/2003) encrypted with CSP, and now Office 2007 as well. Office 97/2000 documents can also be decrypted by recovery of encryption keys instead of password, and that type of attack gives a guaranteed result regardless of password length and complexity. The program can also handle Personal Information Exchange certificates (PKCS#12) and PGP encryption, including PGP secret key rings (.SKR files), PGP disks (.PGD files), PGP self-decrypting archives, PGP Whole Disk Encryption, Microsoft Money and OneNote, LM/NTLM hashes (Windows logon passwords), Intuit Quicken, Lotus Notes ID files, and MD5 hashes.
Distributed Password Recovery can be easily installed in enterprise networks with thousands of computers and generates little traffic. The Agents work in the background without harming other programs. That is, they use the CPU only when it is in its idle state. An administrator can get a report about the work that is done. When a password is restored or a document is decrypted, the program informs the administrator by e-mail, and starts processing the next task. Using the Console, an administrator can also keep statistics.
The software has a plug-in architecture and can be easily extended to support more document formats and types of encryption. Future releases will support ZIP and RAR archives, Intuit Quicken files, PasswordSafe containers, and more.
Elcomsoft Distributed Password Recovery v. 1.6 runs under Windows NT4/2000/XP/2003 and requires 6 MB of hard disk space on the server and 3 MB on every client. The program interface may be set to run in English, Russian, German, and Japanese. Prices begin at $599(US) for networks with up to 20 clients/Agents.
Evaluation Copy Available on Request
About Elcomsoft Co. Ltd
Since 1990, Elcomsoft Co. Ltd has been developing and marketing password recovery, forensics, and security software for Windows. In addition to Distributed Password Recovery, the company also offers a comprehensive line of password recovery and password auditing software for popular Microsoft, Lotus, Corel and Adobe software, as well as dozens of popular email clients, compression programs, instant messenger applications, and other applications.