Passwords that you enter, of whatever length, are converted, or hashed,
into what is effectively a 12-character string, and stored in the
workbook, rather than what you entered.

There can be an essentially infinite number of passwords, but each one
will hash to one of the 194K 12-character strings. Since the original,
or user-entered, password is not stored, only a representation of the
hash can be determined (e.g., by brute-force attempts to unprotect the
worksheet), not the original password.


In article ,
"Otto Moehrbach" wrote:

I have one question. In the remarked-out text with the code, you say
"Reveals hashed passwords NOT original passwords".
You lost me there. What are "hashed passwords" and what are "original
passwords"?