Microsoft Office password protection

Microsoft Office password protection is a security feature that allows Microsoft Office documents (e.g. Word, Excel, PowerPoint) to be protected with a user-provided password.

Types[edit]

There are two types of passwords that can be set to a document:^[1]

A password to encrypt a document restricts opening and viewing it. This is possible in all Microsoft Office applications. Since Office 2007, they are hard to break if a sufficiently complex password was chosen.^{[citation needed]} If the password can be determined through social engineering, the underlying cipher is not important.

Passwords that do not encrypt but restrict modification and can be circumvented.^[2]
- In Word and PowerPoint the password restricts modification of the entire document.^[3]
- In Excel passwords restrict modification of the workbook, a worksheet within it, or individual elements in the worksheet.

History of Office encryption[edit]

Weak encryptions[edit]

In Excel and Word 95 and prior editions a weak protection algorithm is used that converts a password to a 16-bit verifier and a 16-byte XOR obfuscation array^[1] key.^[4] Hacking software is now readily available to find a 16-byte key and decrypt the password-protected document.^[5]

Office 97, 2000, XP and 2003 use RC4 with 40 bits.^[4] The implementation contains multiple vulnerabilities rendering it insecure.^[5]

In Office XP and 2003 an opportunity to use a custom protection algorithm was added.^[4] Choosing a non-standard Cryptographic Service Provider allows increasing the key length. Weak passwords can still be recovered quickly even if a custom CSP is on.

AES since Office 2007[edit]

In Office 2007, protection was significantly enhanced since a modern protection algorithm named Advanced Encryption Standard was used.^[4] At present^[when?], there is no software that can break this encryption. With the help of the SHA-1 hash function, the password is stretched into a 128-bit key 50,000 times before opening the document; as a result, the time required to crack it is vastly increased, similar to PBKDF2, scrypt or other KDFs.^{[citation needed]}

Office 2010 employed AES and a 128-bit key, but the number of SHA-1 conversions doubled to 100,000.^[4]

Office 2013 uses 128-bit AES, again with hash algorithm SHA-1 by default.^[6] It introduces SHA-512 hashes in the encryption algorithm, making brute-force and rainbow table attacks slower.^{[citation needed]}

Office 2016 uses, by default, 256-bit AES, the SHA-2 hash algorithm, 16 bytes of salt and CBC (cipher block chaining).^[7]

Attacks that target the password include dictionary attacks, rule-based attacks, brute-force attacks, mask attacks and statistics-based attacks. Attacks can be sped up through multiple CPUs, also in the cloud, and GPGPU (applicable only to Office 2007-10 documents).^{[citation needed]}

Excel worksheets and macro protection[edit]

The protection for worksheets and macros is necessarily weaker than that for the entire workbook, as the software itself must be able to display or use them.^{[citation needed]}

For XLSX files that can be opened but not edited, there is another attack. As the file format is a group of XML files within a ZIP; unzipping, editing, and replacing the workbook.xml file (and/or the individual worksheet XML files) with identical copies in which the unknown key and salt are replaced with a known pair or removed altogether allows the sheets to be edited.^{[citation needed]}

References[edit]

^ ^a ^b "[MS-OFFCRYPTO] Office Document Cryptography Structure" (PDF). Microsoft Corporation. 2021-10-05. pp. 60–65. Archived (PDF) from the original on 2023-04-11.
^ "How to Open a Password-Protected Excel File". wikihow.com. Retrieved 2024-01-24.
^ "Password protect documents, workbooks, and presentations". Office.microsoft.com. Retrieved 26 December 2012.
^ ^a ^b ^c ^d ^e "Microsoft Office File Format Documents". Msdn.microsoft.com. Retrieved 26 December 2012.
^ ^a ^b Wu, Hongjun (2005). "The Misuse of RC4 in Microsoft Word and Excel" (PDF). Institute for Infocomm Research, Singapore.
^ "Cryptography and encryption settings for Office 2013". docs.microsoft.com. 26 December 2016. Retrieved 4 July 2018.
^ DHB-MSFT. "Cryptography and encryption in Office 2016". docs.microsoft.com. Retrieved 2018-12-07.

[:0-1] "[MS-OFFCRYPTO] Office Document Cryptography Structure" (PDF). Microsoft Corporation. 2021-10-05. pp. 60–65. Archived (PDF) from the original on 2023-04-11.

[2] "How to Open a Password-Protected Excel File". wikihow.com. Retrieved 2024-01-24.

[ms148333-3] "Password protect documents, workbooks, and presentations". Office.microsoft.com. Retrieved 26 December 2012.

[msdn.microsoft-4] "Microsoft Office File Format Documents". Msdn.microsoft.com. Retrieved 26 December 2012.

[:1-5] Wu, Hongjun (2005). "The Misuse of RC4 in Microsoft Word and Excel" (PDF). Institute for Infocomm Research, Singapore.

[6] "Cryptography and encryption settings for Office 2013". docs.microsoft.com. 26 December 2016. Retrieved 4 July 2018.

[7] DHB-MSFT. "Cryptography and encryption in Office 2016". docs.microsoft.com. Retrieved 2018-12-07.

[1]

[2]

[3]

[4]

[5]

[6]

[7]