Forum Discussion
Recovering a VBA protect password
MDB passwords are trivial to hack. However, that isn't the case for ACCDB passwords which, since A2010, use 128-bit encryption.
I have tried the cosenor password recovery tool for research purposes. The utlilty uses a brute force approach to test every possible combination of passwords in turn until it finds something that works. So if your password is reasonably long/strong this can take days/months or even years to complete ...unless you can provide clues to narrow down the search.
As an experiment I tested it on one of my own databases whose 10 character password I already knew. I left the utility running on a spare workstation for almost 48 hours. It had only tested a small % of the possible values before I terminated the search.
For a guide as to the time needed to hack a password using brute force, see https://www.linkedin.com/posts/cbtech-support_ever-wonder-how-long-it-would-theoretically-activity-6715288518240845824-Aiyx/
- I don't understand how it could recover 1 character. The brute force approach requires each generated string to be tested in turn on the specified database. It either succeeds or fails without any clues being given about which characters were correct
Just for clarification, I thought the Cosenor tool was a well-designed utility and it did exactly what it claimed to do...but it could take billions of years to crack a strong password. For once, MS did create strong security, at least with ACCDB passwords (though not with other Access features)