Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

I forgot my password for Office One Note.

8,295 views
Skip to first unread message

Paul

unread,
Jun 29, 2008, 11:26:01 AM6/29/08
to
I forgot my password for Office One Note.

Is there a way to reset it without the old one?

Ben M. Schorr - MVP (OneNote)

unread,
Jun 29, 2008, 1:14:54 PM6/29/08
to
Not natively, but Google is your friend...

--
-Ben-
Ben M. Schorr, MVP
Roland Schorr & Tower
http://www.rolandschorr.com
http://www.officeforlawyers.com
Author - The Lawyer's Guide to Microsoft Outlook 2007:
http://tinyurl.com/5m3f5q

"Paul" <Pa...@discussions.microsoft.com> wrote in message
news:D71C6E39-AC16-44EE...@microsoft.com:

Mike

unread,
Jun 30, 2008, 2:25:00 PM6/30/08
to
Just to satisfy my curiousity I did a Google search for "crack onenote
password" and found a list of tools to crack the OneNote password. So I'm
confused. If these tools work and it is this easy to compromise OneNote and
gain access to a password protected section then what is the benefit of
having a password protected section?

YouBetcha

unread,
Jun 30, 2008, 5:19:02 PM6/30/08
to
Doesn't OneNote use triple DES encryption?

"Ben M. Schorr - MVP (OneNote)" wrote:

Ben M. Schorr - MVP (OneNote)

unread,
Jun 30, 2008, 6:41:29 PM6/30/08
to
It's not intended to be Department of Defense certified security. If
you need that level of protection then you should be implementing
operating system level measures like drive encryption and strong
passwords.

Like a deadbolt on a glass door -- it's not intended to stop a
determined and skilled attacker. It's intended to deter the casual
browser/thief.

--
-Ben-
Ben M. Schorr, MVP
Roland Schorr & Tower
http://www.rolandschorr.com
http://www.officeforlawyers.com
Author - The Lawyer's Guide to Microsoft Outlook 2007:
http://tinyurl.com/5m3f5q

"Mike" <Mi...@discussions.microsoft.com> wrote in message
news:AC6EC348-6E9F-41F2...@microsoft.com:

Mike

unread,
Jun 30, 2008, 7:28:03 PM6/30/08
to
It doesn't take a skilled and determined attacker to search Google and
download a password recovery tool.

http://www.lostpassword.com/onenote.htm

It looks like the password protection is useless except for superficial
protection. Someone please tell me I'm wrong!

YouBetcha

unread,
Jul 1, 2008, 6:35:01 PM7/1/08
to
Mike,

Read the following from their web page:

"MS OneNote uses relatively strong encryption algorithm that makes instant
password calculation impossible. Brute-force attack is the slowest approach
and can test all the passwords of up to 6 characters. Xieve™ attack is much
faster and is capable of recovering passwords of up to 9 characters.
Dictionary attack is the fastest method - there is no limitation on password
length. "

Their software relies on you using an "easy" password and it tries various
combinations of words. When they say "instant password calculation [is]
impossible" what they do not tell you is, how long it would take the software
to actually crack it, if it is not something from their dictionary.

You should send them an e-mail, give them a reasonably strong password
(something with combinations of letters and numbers, say a string of 10-12
characters and numbers, that can't be looked up in a dictionary) and ask them
how long it might take. I'm not sure from the description above it would be
able to do it at all. But make sure you tell them it is OneNote 2007 (not
Word 97). Let us know their response.

Ben M. Schorr - MVP (OneNote)

unread,
Jul 1, 2008, 6:55:01 PM7/1/08
to
"It doesn't take a skilled and determined attacker to search Google and
download a password recovery tool."

Well...Paul didn't do it, did he? :-)

"Superficial" is a subjective word here. OneNote's password protection
deters the casual browser and if you have picked a sufficiently strong
pass phrase then it may well thwart the more determined effort too.

If you use "hello" as your password then it probably doesn't much matter
what algorithm you use.

OneNote's password feature is a padlock, not a bank vault.

--

-Ben-
Ben M. Schorr, MVP
Roland Schorr & Tower
http://www.rolandschorr.com

http://www.officeforlawyers.com/onenote.htm


"Mike" <Mi...@discussions.microsoft.com> wrote in message

news:16EABE27-A298-430A...@microsoft.com:

Ben M. Schorr - MVP (OneNote)

unread,
Jul 1, 2008, 6:55:47 PM7/1/08
to
It can still be brute-forced under some circumstances.


-Ben-
Ben M. Schorr, MVP
Roland Schorr & Tower
http://www.rolandschorr.com

http://www.officeforlawyers.com/onenote.htm


"YouBetcha" <YouB...@discussions.microsoft.com> wrote in message
news:D99650B2-BEFF-41F3...@microsoft.com:

Erik Sojka (MVP)

unread,
Jul 1, 2008, 7:00:14 PM7/1/08
to
Correct - with any password system, you should choose a password which is
not easily found in a dictionary, and is very long. I typically choose
whatever catchphrase or song lyric that is rattling around in my head,
change a few characters to alternate case or number/symbols, adjust the
spacing, and I then have a very long password (which should be impossible
to crack) which I can still remember.

"tiptoe through the tulips"
becomes
"T!ptoe through theT\/lip3"

That's a nigh-uncrackable 25-character password.


=?Utf-8?B?WW91QmV0Y2hh?= <YouB...@discussions.microsoft.com> wrote in
news:C5038D1F-03A6-49E0...@microsoft.com:

even...@gmail.com

unread,
Jun 8, 2017, 11:51:16 AM6/8/17
to
I forgot my password for One Note. Is there a way to reset it without the old one?
0 new messages