Microsoft Outlook is one of the most popular email clients around. It regularly ranks among the top email client options, only beaten out by Apple’s integrated mail solution and Gmail. Most people use Outlook at some time, through business, work, school, or otherwise.
Given the millions of users, it’s understandable that at some point, someone will forget their Outlook password.
In those moments, you want a tool that can recover an Outlook password, leaving your data intact. Thankfully, Outlook password recovery tools exist—and here are three of the best.
Differences Between Outlook PST and OST Files
The way Outlook stores, manages, and secures your data depends on the type of account you are using. There are two main types of Outlook data files:
- PST: A Personal Storage Table is the storage system Outlook uses for POP and IMAP accounts. Your email is delivered to and stored on the mail server and is only accessible while online. You can take backups of your Outlook email to work on, but this also creates a new PST file. When you move to a new computer, PST files transfer easily between systems. Here are some of the best Outlook tools that will help you migrate to a new computer.
- OST: You can use an Offline Storage Table file when you want to keep an entire local backup of an email account. All the data is stored on your computer as well as the mail server. This means the entire user account email database is accessible, regardless of network connection. Changes sync when the user establishes a connection with the mail server.
There are two more vital differences between the two file types.
By and large, PST data files store vital information, such as passwords, to the local machine. This password locks unauthorized users out of the Outlook account, protecting emails and user data in the process. The OST data file also uses local storage but doesn’t contain any passwords. As such, the PST file is open for password retrieval. (Do note that OST passwords aren’t much more secure.)
The second difference is a bug in Microsoft Outlook’s password protection that relates to password storage.
The Microsoft Outlook Password Protection Bug
When you enter a password on a website, the site (hopefully) doesn’t store it in plaintext. Plaintext is what you’re reading now, so you can see why storing a password in this form isn’t so wise. The website takes your password and creates a hash.
A hash is a long string of alphanumeric characters that represent your password and is tied to your username. When you type your username and password combination, the database returns a positive response, and you enter your account. But if an attacker enters the database, all they see is a long list of confusing hash values.
Here’s the problem with Outlook: Instead of using a complex hashing algorithm, Microsoft appears to have cut some security corners using the basic CRC32 algorithm.
Unsure what an encryption algorithm is? Here are some handy encryption terminologies that’ll help you understand more about passwords.
The bad news is that each CRC32 hash has a lot of matching values, meaning there’s a strong chance a password retrieval program will unlock your file. This is great if you need your PST file unlocked, but utterly terrible if you want to keep it secure.
3 Tools to Find Your Outlook Password
Now you know how easy it is to see a saved Outlook password, here are the tools to complete the job. The Outlook PST password recovery tools will recover your password and allow you to unlock your data file.
Alternatively, you can also remove the Outlook password from the file so you can replace it with one you remember.
Nirsoft’s PstPassword is a great free utility that automatically retrieves PST passwords for local data files. PstPassword displays three potential passwords due to the encryption bug. If the first option fails, you have two more choices. (In fact, PstPassword generates a long list of CRC32 hashes that might unlock the data file.)
PstPassword doesn’t require installation, either. However, your system might detect it as a malicious file (as it is harvesting passwords, something that you don’t want at other times).
Download: PstPassword for Windows (Free)
Kernel Outlook PST Password Recovery Tool is a limited free utility. The major limitation is the size of the PST file the tool will unlock. Kernel’s tool will unlock PST files up to 500MB for free. However, if your data file size surpasses that you will need to upgrade to the Home License for $39.
The tool quickly analyzes your PST files, providing a hash value for you to enter. Unlike PstPassword, Kernel only grants a single password hash to try. However, if that doesn’t work, Kernel also has the option to remove the password protection from the PST file (as well as adding a new one if you desire).
The free version of Kernel Outlook PST Password Recovery removes the password with ease. I tested using several different password strengths, and each PST file was unlocked.
Download: Kernel Outlook PST Password Recovery for Windows (Free Trial/$39 License)
Our final tool is Recovery Toolbox for Outlook Password. Recovery Toolbox costs $19 but comes with a few more options than either free option. For example, Recovery Toolbox can:
- Recover and show passwords for PST data files
- Reset PST data file passwords
- Recover and remove some passwords for OST data files
The major difference is support for OST files. The paid version of Recovery Toolbox shows and removes OST passwords, too, giving it a slight advantage. That said, other free online tools will uncover even the most secure Outlook OST data file passwords, too.
Download: Recovery Toolbox for Outlook Password for Windows ($19)
Testing the PST Password Protection Bug
You can check the password protection bug out for yourself using PstPassword.
Open Outlook and head to File > Account Settings > Data Files.
Press Add to create a new data file, giving it a temporary name.
Next, head to Settings > Change Password. Leaving the “Old password” field empty (as it is a new data file), enter a strong new password in the “New password” and “Verify password” fields. (In fact, I’m using a Secure Password Generator to create a super-strong 16-character password.)
You might note that despite the 16-character password, Outlook only accepts 15-characters. Regardless, press OK, close the panel, then close Outlook.
Download, then open PstPassword. It should automatically detect your newly created PST file, as well as any existing data files, too. Now, alongside your test file, there are three potential passwords. Because the password is over a certain amount of characters, PstPassword displays the hash values.
Open Outlook again and enter one of the hash values. If it doesn’t work, try the next one. In the event the first three don’t work, right-click the test data file and select Get more passwords.
Mail PassView is another free password viewing and recovery tool from Nirsoft. Mail PassView uncovers OST data file passwords, rather than PST data files. However, as OST data file passwords are usually set via mail server rather than in Outlook itself, the tool cannot remove passwords or offer alternatives.
Still, Mail PassView is a useful free tool for recovering your Outlook password.
Outlook Password Recovery Complete!
One of these tools will grant you access to your Microsoft Outlook PST data file. Some Microsoft Office programs have strong integrated encryption. But there are still password removal tools you can use to try and recover your accounts.
However, you have seen the Outlook password protection bug and how you can easily uncover a lost password. And if the reason you forgot your Outlook password was that you’re using Gmail now, it’s time to forward your Outlook emails and maybe even delete your Outlook account.
Read the full article: How to View or Recover Your Microsoft Outlook Password