Last night I asked Claude: “I have some old spreadsheets from 2001 and 2002 that I password-protected and now want to access them, but as you may guess, I have forgotten my password used over 24 years ago. Is there any way to access these sheets?”

Claude answered: “Good news — spreadsheets from that era (likely Excel 97-2003 .xls format) used extremely weak encryption by today's standards, so recovery is very feasible. Here's what you should know:”

Claude then listed a few things I should know, including an open-source (free) tool and a couple of commercial tools I could use for password recovery. Then it invited me to upload a file for analysis. Within seconds, Claude identified the file’s encryption: RC4, 40-bit key. State of the art in 2001. Not so much by today’s standards.

But rather than send me off to download tools, Claude might as well have said, “Forget downloading tools, let me take a swing at this!” So I did. And it did. What followed was a gritty, two-hour partnership between my Artificial Intelligence hacker friend and me. Claude wrote a brute-force password cracker in C, ran hundreds of dictionary attacks, extracted the cryptographic hash from the file, and walked me through running the open-source password-cracking tool on my iMac.

I did ALL the rest.

The rest wasn’t all that much. Claude provided me with instructions and the scripts to run the programs it created. It churned through 180 billion combinations, and at the 30-minute mark, a six-character password from 2001 popped out. It turned out to be a six-character tribute to a 1970s operating system. I typed it into Excel. The file opened. How ‘bout THAT for a tribute!

Cue the Jaws theme (still relevant after all these years).

That spreadsheet had "encryption" that a consumer desktop broke on a Thursday evening while I sipped a nice pinot and listened to Apple Music’s Jazz Currents playlist…and of course, checked in every so often to fill my obligation as an equal partner in this password-cracking caper.

There was no special hardware. No dark web tools. Just a free app, a pro subscription to Claude, a little patience, and wine and music of choice.

Now imagine what that means for every password-protected file sitting in old email attachments, dusty hard drives, and forgotten cloud storage accounts. That last one's where I found mine. They were tucked away in an old Dropbox account I haven’t used in more than a decade. Files that we assumed were locked forever. They’re not.

I fed Claude updates, and it provided me encouragement: “It’s running well — 65 million passwords/sec on your M4. It’s currently on 5-character passwords with about 2 minutes left on that length.

Here’s the rough timeline for each length:

• 1-5 characters: A few minutes total (almost done)

• 6 characters: ~3 hours

• 7 characters: ~12 days

• 8 characters: ~3 years

The good news is that most passwords from 2001 were 6 characters or shorter. Let it run — if it’s going to crack, you’ll likely know within a few hours. Press s periodically to check which length it’s on.”

It turns out Claude was right, but also sandbagging. I shared the last update from my computer’s Terminal session, and Claude responded, “Cracked! 30 minutes, 6-character password — right in the sweet spot for 2001.”

The good news is that modern encryption is exponentially stronger. As Claude mentioned, modern 8+ character encryption would take years to crack using my same setup.

The bad news is that many of us have a digital trail of old files, protected by security, that has aged like my movie references. If you’ve got old sensitive documents floating around with 2000s-era password protection, this is your dorsal fin. That lock isn’t a lock anymore. It’s more like a sticky note on the monitor.