Password Protect Microsoft Office 2003 Documents
Sep 13th, 2007 by MrGroove
Recently I wrote an article explaining how to Password Protect Office 2007 Documents. Because the process is so much different, I felt it necessary to write a separate groovy How-To Article for Password Protecting (and encrypting) Word 2003, Excel 2003 and PowePoint 2003 documents (yes… It’s also possible to add Passwords to Access however I’ll write that article shortly). So, just follow the simple step by step process below to easily Password Protect / Encrypt your Office 2003 Documents (.doc, .xls, .ppt).
Using passwords, you can prevent other people from opening or modifying your Microsoft Office documents, presentations, workbooks and databases. It’s important to note that if done RIGHT, the password protection / encryption is actually very good and hard to crack. So, let’s get right to it.
1. Open the Document you wish to encrypt / password protect
2. Click Tools, then Click Options
All shots taken from Microsoft Word 2003
3. Click Security tab, and then Click Advanced button
4. Scroll down and Click RC4, Microsoft Enhanced RSA and AES Cryptographic Provider. By default the Key Length is 128 and the box Encrypt document properties is checked. Verify this and Click OK
If you skip this step, you might as well not use a password at all being that common Password Cracking tools are available which can break the lower level of encryption algorithms
Please note - It’s very important to use a STRONG password below. Yeah yeah yeah… you don’t need to get crazy here with stupid $ymb0l$ and upper and lower case characters that you will forget 10 minutes after you type it…. Just use a long PASS PHRASE with 10 or more characters. A Pass Phrase for instance is EASY to type, easy to remember AND VERY secure. Watch, here’s a 20 character secure password: My house is yellow!
That’s it! With spaces between the words, a capital M in the front and ended with a special character, your looking at a VERY secure password which will be near to impossible to crack using brute-force!
Ok, back to the article:
5. Click in the Password to Open box and Type a password. Click OK when finished
Note, depending on the encryption you choose, your password length my be limited to 15-18 characters. Also, the Modify password IS limited to 15 characters and, not very secure. It’s better to make a PDF of the document if your looking to let someone READ but not edit.
6. Renter your Password and Click OK
7. Click File, then Click Save As… (or, if you have already saved the document, just Click Save and your done)
8. Type in a Filename and Click Save
Finished! Very Groovy and Secure!!!
Background Info:
- Password to open By default, this feature uses LAME encryption so be sure to add a long Pass Phrase along with Enhanced RSA & AES encryption under the Advanced Option.
- Password to modify This feature does not use any encryption method. It is designed so you can collaborate with content reviewers you trust. Is not designed to help make your file more secure. It’s a nice way to allow people to VIEW the document but restrict them from making any changes.
- Both passwords You can assign both passwords. One to access the file and one to allow specific reviewers permission to modify its content. Just be sure each password is different from the other
Comments? Questions?
Tags: client, encryption, howto, password, word 2003, excel 2003, powerpoint 2003, security
Your acticle is well done, however, could you mention the backward encryption compatibilty with the previous editions of Office. If someone encypts a document following your article and sends it to a collaborator using an older version of Office (97, 2000) The document will remain encrypted.
@ ADM Support
Thank you for the feedback and Welcome to the Site! I appreciate the tip being that I don’t have an old copy of Office 97 or 2000 installed curretly. Looks like I’ll have to go back and find an old copy to test this out on!
Thanks again!
@ MrGroove
You are welcome. The dialogue box should be self-explanatory (see: picture 3 in the article), however it worths mention it to users (my experience). Here is the link to the Microsoft (KB)http://support.microsoft.com/kb/294414. I agree, it is not fun to read.
Glad if I could help.
Is MS Word encryption really secure ?
Someone claimed that even when good password protection and strong password are used, MS Word encryption can be cracked in 1-2 days. Is that really true ?
@ Adm Support
Excellent! I’ll update the article with the included information. Thank again for the added info!
@ Alex Lee
Hi Alex and Welcome to the site!
In regards to the strength of encryption for Word and Excel 2003 and 2007, if you follow my instructions above regarding the encryption “type” and you use a strong password, the encryption is very strong. Please remember, the key is the password. If you use a dictionary word like happy or december or automobile… the password will be broken in a matter of minutes. If you use a password like: ! l@v3 @ppl3S (special case, spaces between words, numbers, letters) it will be VERY difficult for a NON-NSA type person to crack the encryption and open your document. Trust me, I’ve tried on a 16 way server and after 2 weeks, I aborted the brute force attack. The key is [strong]Encryption Type (RSA/AES), Password Complexity and Password Length.[/strong]
[...] much of this functionality was available in the Microsoft Office 2003 Suite, Microsoft decided to change things around a bit with their new menu [...]
I just setup a password on a word 2003 document. it is 18 characters long. I used the default encryption ( i did not change anything). The password does not take… i created another test document using the same password, and it does not take. If i only use a 15 character password, it is good to go. After testing… the password field is concatinated to 15 characters, but microsoft does not warn you if you use a longer password. Just thought your readers should be warned.
@James - Thanks for the feedback! I’ve updated the document to note the exception.
BTW - Please remember, if you are using the default encryption the password can be cracked very easily using several off-the-shelf products. You really should consider using the encryption algorithm I recommend in the Article.
Thanks again!