Version Comparison

Excel Password Recovery by Version

The single biggest factor in whether your Excel password can be recovered is the version of Excel that last saved the file. A 2003 .xls is practically guaranteed to recover; a 2019 .xlsx with a random password is practically unrecoverable. This page compares every Excel generation side by side with realistic odds and real attack speeds.

Proof-first paid recovery

Free Office check. $34.99 release only if recovery works.

Analysis is free. Recovery is version-aware — different Office versions get different treatment. You see proof before paying. Full password or unlocked file release is one clear payment.


No subscription
No charge if not found
Ownership confirmation required

At-a-Glance Comparison

| Version | Ext. | Encryption | Iterations | GPU Speed | Realistic Odds |
|---|---|---|---|---|---|
| Excel 97 / 2000 / XP / 2003 | .xls | RC4 40-bit | 16 (MD5) | Key search, hours | 100% |
| Excel 2007 | .xlsx | AES-128 / SHA-1 | 50,000 | ~1.5M/s per GPU | ~40-60% |
| Excel 2010 | .xlsx | AES-128 / SHA-512 | 100,000 | ~140k/s per GPU | ~30-50% |
| Excel 2013 | .xlsx | AES-128 / SHA-512 | 100,000 | ~140k/s per GPU | ~20-40% |
| Excel 2016 / 2019 | .xlsx | AES-128 / SHA-512 (same) | 100,000 | ~140k/s per GPU | Weak pw only |
| Microsoft 365 | .xlsx | AES-128 / SHA-512 (same) | 100,000 | ~140k/s per GPU | Weak pw only |

Speeds above are per high-end consumer GPU (RTX 4090 class) for dictionary and mask attacks. A 6-GPU cluster scales roughly linearly.

Why Excel 97-2003 Is Always Recoverable

Microsoft released Excel 97 in 1996. Back then, US export regulations restricted strong cryptography, so Microsoft shipped Excel with a deliberately weak 40-bit RC4 cipher. A 40-bit key has roughly one trillion (2^40) possible values. On a modern GPU, you can try all one trillion keys in a few hours. Recovery does not even involve passwords — the service searches the key space directly and decrypts the file once the correct key is found.

That means every password-protected .xls from Excel 97, 2000, XP or 2003 is mathematically recoverable, whether the password is "1234" or 60 characters of random binary. This is what makes our guaranteed recovery offering possible.

The 2007 Generational Leap

Excel 2007 introduced the .xlsx format — an XML-based Office Open XML container — and replaced 40-bit RC4 with real AES-128. Instead of searching a one-trillion-key space, an attacker now has to guess the original password and derive the key from it using SHA-1 at 50,000 iterations.

50,000 rounds of SHA-1 on a GPU is still cheap — about 1.5 million candidates per second per RTX-class GPU. That sounds fast, but against passwords of realistic length the hashing work per guess is still the dominant time cost. A dictionary of 14 billion leaked passwords runs in about 2.5 hours on a single GPU for 2007 files; on six GPUs in parallel, roughly 25 minutes.

The 2010 Hardening — 10x Slower Attacks

Excel 2010 switched from SHA-1 to SHA-512 and doubled iterations to 100,000. Per-GPU attack speed drops from ~1.5 million to ~140,000 candidates per second — a 10x slowdown. A 14-billion-entry dictionary now takes roughly 28 hours on a single GPU. Still feasible in a cluster, but the scope of attacks shifts from "try everything" to "try targeted wordlists and masks".

2013 and Later — Same Spec, Stronger Reality

From a pure cryptography standpoint, Excel 2013, 2016, 2019 and Microsoft 365 are identical: AES-128 with SHA-512 at 100,000 iterations. Microsoft did not bump iteration count again because the attack ecosystem shifted: modern GPUs still churn through 140k/s, so adding iterations would have hurt honest users (slow file open) without stopping motivated attackers.

So why are odds progressively worse? Three reasons:

  • Password managers became mainstream. Excel 2007 files are often from an era when people typed pet names. Excel 2019 files are more likely protected with a 16-character random string from a password manager.
  • UI nudges toward stronger passwords. Newer Excel versions show real-time strength meters, complain about short passwords, and default to stricter policies in corporate deployments.
  • User awareness. High-profile data breaches of the last decade trained business users to use unique passwords they do not reuse.

What About Sheet Protection?

None of the encryption above applies to Excel sheet protection, which is a soft lock stored as XML. Sheet protection can be removed in minutes without any password — see our step-by-step unprotect Excel sheet guide. This page is specifically about the file-open password that Excel requires before it displays anything.

How to Tell Which Version Saved Your File

Three quick checks, in order of reliability:

  1. Extension: .xls means Excel 97-2003 regardless of when you think the file was created. .xlsx means Excel 2007 or later.
  2. Encryption header — open the file in a hex editor. Excel 97-2003 files start with D0 CF 11 E0 (OLE compound). Excel 2007+ .xlsx files start with 50 4B 03 04 (ZIP). An encrypted .xlsx is wrapped in an OLE container so it also shows D0 CF 11 E0 — unzip-like tools will refuse.
  3. Internal version string — for unencrypted .xlsx, the app name lives in docProps/app.xml. For encrypted files you need a dedicated parser; recovery services detect this automatically on upload.
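
The three checks above can be scripted. The following is an added example, not this service's detection code: it applies the extension, header and docProps/app.xml checks to raw file bytes. The function names are hypothetical, the sample inputs are constructed inline, and telling an encrypted .xlsx from a legacy .xls by searching for OLE stream names in the raw bytes is a heuristic assumed here in place of a full OLE directory parser.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

OLE_MAGIC = bytes.fromhex("D0CF11E0")  # OLE compound file
ZIP_MAGIC = bytes.fromhex("504B0304")  # plain ZIP (unencrypted .xlsx)
NS = "{http://schemas.openxmlformats.org/officeDocument/2006/extended-properties}"

def utf16(name):
    return name.encode("utf-16-le")  # OLE directory entries store names as UTF-16LE

def classify(data, filename=""):
    """Apply the extension, header and app.xml checks to raw file bytes."""
    out = {"extension": filename.rsplit(".", 1)[-1].lower() if "." in filename else ""}
    if data[:4] == ZIP_MAGIC:
        out["kind"] = "unencrypted OOXML (Excel 2007+)"
        with zipfile.ZipFile(io.BytesIO(data)) as z:
            names = z.namelist()
            # Size cap so a hostile archive cannot inflate into memory
            if "docProps/app.xml" in names and z.getinfo("docProps/app.xml").file_size < 1 << 20:
                root = ET.fromstring(z.read("docProps/app.xml"))
                out["application"] = root.findtext(NS + "Application")
                out["app_version"] = root.findtext(NS + "AppVersion")
    elif data[:4] == OLE_MAGIC:
        # Heuristic (assumption of this example): search the raw bytes for stream
        # names instead of walking the OLE directory.
        if utf16("EncryptedPackage") in data and utf16("EncryptionInfo") in data:
            out["kind"] = "encrypted OOXML in OLE wrapper (Excel 2007+)"
        elif utf16("Workbook") in data or utf16("Book") in data:
            out["kind"] = "legacy binary workbook (Excel 97-2003)"
        else:
            out["kind"] = "OLE container, type not identified"
    else:
        out["kind"] = "not an Excel container"
    return out

def sample_plain_xlsx():
    # Constructed sample: a ZIP holding only docProps/app.xml
    app = ('<Properties xmlns="http://schemas.openxmlformats.org/officeDocument/'
           '2006/extended-properties"><Application>Microsoft Excel</Application>'
           '<AppVersion>16.0300</AppVersion></Properties>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("docProps/app.xml", app)
    return buf.getvalue()

def sample_ole(stream_names):
    # Constructed sample: OLE magic followed by UTF-16LE names (not a valid OLE file)
    return OLE_MAGIC + b"\x00" * 508 + b"".join(utf16(n) for n in stream_names)
```

On a real file, call classify(open(path, "rb").read(), path); a .xlsx extension combined with the OLE result is the encrypted case described in check 2.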

Realistic Outcomes — Three User Examples

Grandmother's 1998 payroll spreadsheet

Excel 97 (.xls)

Recovered in 4 hours by GPU key search. Password was irrelevant.

2011 engineering project file

Excel 2010 (.xlsx)

Password 'Boeing737!' recovered in 11 minutes using a brand+symbol dictionary. Hinted correctly by user as 'my workplace plus a symbol'.

2024 personal finance spreadsheet

Excel 365 (.xlsx), 18-char password manager output

Not recovered. Attack aborted after 72 hours. User found password in an old Bitwarden export from 2023.

Old Excel file? Recovery is guaranteed

If your file is .xls from the 97-2003 era, 100% recovery success is mathematical, not marketing. Full details on our guaranteed recovery page.

Frequently Asked Questions

If Excel 2019 and 365 share the same encryption, is my file from an 'older laptop' easier to crack?

The file format does not care which laptop saved it. What matters is what password you chose and whether that laptop's Excel version enforced complexity rules.

Can I convert my .xlsx back to .xls to make recovery easier?

Only if you can open the file — and if you can open it you do not need recovery. You cannot downgrade an encrypted file without the password.

How much does each GPU add to attack speed?

For Excel 2007+ attacks are perfectly parallel — ten GPUs go ten times faster than one. Real clusters share memory, PCIe, and coordination overhead, so in practice expect ~95% scaling.

Is an online service faster than buying my own GPU?

A single RTX 4090 is around $1,600. A good 6-GPU cluster costs $10k+. For one or two recovery jobs, a cloud service is vastly cheaper — and it only charges if the password is actually found.

Does upgrading Microsoft Office re-encrypt my existing .xlsx files?

No. The encryption is baked into the file at save time. Upgrading Office does not re-protect old files with newer algorithms; the next time you save, that one save will use whatever defaults your current version offers.

Upload for a free check

Not sure which version you are dealing with? Upload the file — we auto-detect the Excel generation, show estimated odds, and run a free dictionary pre-check at no cost.