Passwords in Microsoft Excel 97/2000
Write protection password.
This password is stored inside the document. You can see it using any HEX-viewer.
Document protection password.
Password hash is stored in the document. Hash length is only 32 bits. We can change this password to any other one, or disable it (replace with a hash of an empty string).
Password to open
When this password is set, the entire Word document (including a part of auxiliary information) is encrypted with the RC4 algorithm (stream cipher). 128-bit long hash formed with the MD5 algorithm is used for password verification. Encryption key is 40-bit long, because state regulations of many countries don’t allow using stronger crypto.
Book and Sheet password.
When an Excel Sheet is being protected with a password, a 16-bit (two byte) long hash is generated. Book protection is somewhat more sophisticated. Hash generation algorithm is the same as with sheet protection, however, a whole document is being encrypted. Password for encryption is “VelvetSweatshop”.
Applications for password recovery:
Advanced Office 2000 Password Recovery
http://www.elcomsoft.com