About Word® and Excel® encryption

<< Click to Display Table of Contents >>

Navigation:  Password Recovery Programs > Advanced Office Password Breaker >

About Word® and Excel® encryption

Microsoft Word® and Microsoft Excel® support three levels of document/workbook protection. The user who creates a document or workbook has read/write permission to a document and controls the protection level. The three levels of document protection are:

File open protection. Word®/Excel® requires the user to enter a password to open a document.

File modify protection. Word®/Excel® requires the user to enter a password to open the document with read/write permission. If the user clicks Read Only at the prompt, Word®/Excel® opens the document as read-only.

Read-only recommended protection. Word® prompts the user to open the document as read-only. If the user clicks No at the prompt, Word®/Excel® opens the document with read/write permission, unless the document has other password protection.

In addition to protecting the entire Word® document, users can also protect specific elements such as tracked changes, comments and forms from unauthorized changes. For Excel®, users can protect worksheets and the contents of locked cells, workbook structure, windows in a workbook, and cells or formulas in a worksheet, or items in a chart sheet. Finally, one can prevent other users from viewing code by locking a VBA project.

All protections but the "File open" are not designed to be secure. The password can be either recovered, removed or replaced instantly. These types of passwords are not not supported by AOPB.

If File open protection is used, Word® and Excel® encrypt password-protected documents by using a symmetric encryption routine known as RC4. In legacy versions of Microsoft Office prior to Office 97 (i.e. Office 95, Office 6.0 etc) the implementation was weak, and allowed to extract and decrypt the password. Such files are also not supported by AOPB.

For files in the Word® and Excel® 97/2000 format, including those saved in Word®/Excel® XP/2003, if Office 97/2000 Compatible Encryption is used, the File open protection is fairly strong. The password cannot be recovered instantly, and the most common method to break the password are brute-force and dictionary attacks. However, these methods fail if the password is long and complex enough (not based on a combination of common words). This is the type of protection AOPB supports by attacking  the binary encryption key instead of the password (see next chapter).

Microsoft Office XP introduced encryption based on Cryptographic Service Providers; files encrypted that way are not supported by AOPB.

If AOPB shows a message that such files are not supported when you attempt to start an attack, read the Files/passwords that are not supported chapter for instructions.