Microsoft Office password protection

From Justapedia, unleashing the power of collective wisdom

Microsoft Office password protection is a security feature to protect Microsoft Office (Word, Excel, PowerPoint) documents with a user-provided password.

Types

Microsoft Office applications offer two main groups of passwords that can be set on a document, depending on whether or not they encrypt the password-protected document.

Passwords that do not encrypt a password-protected document have different security level features for each of the Microsoft Office applications, as mentioned below.

The password that encrypts a document also restricts the user from opening the document. It is possible to set this type of password in all Microsoft Office applications. If a user fails to enter the correct password in the field that appears after an attempt to open a password-protected document, viewing and editing the document will not be possible. Because a document protected by a password to open is encrypted, a hacker needs to decrypt the document to get access to its contents.

History of Microsoft Encryption password

In Excel and Word 95 and prior editions, a weak protection algorithm is used that converts a password to a 16-bit verifier and a 16-byte XOR obfuscation array key[2] (see page 60/119 of [MS-OFFCRYPTO]: https://interoperability.blob.core.windows.net/files/MS-OFFCRYPTO/%5bMS-OFFCRYPTO%5d.pdf). Hacking software is now readily available to find the 16-byte key and decrypt the password-protected document instantly, because the scheme is only like a Vigenère cipher.[3]

In Excel and Word 97 and 2000 the key length was increased to 40 bits.[2] This protection algorithm is also currently considered to be weak and presents no difficulties to hacking software.

The default protection in Office XP and 2003 was not changed, but an opportunity to use a custom protection algorithm was added.[2] Choosing a non-standard Cryptographic Service Provider (CSP) allows increasing the key length. Weak passwords can still be recovered quickly even if a custom CSP is used.

In Office 2007 (Word, Excel and PowerPoint), protection was significantly enhanced since a modern protection algorithm named Advanced Encryption Standard (AES) was used.[2] At present there is no software that can break this encryption. The password is stretched into a 128-bit key by applying the SHA-1 hash function 50,000 times before the document is opened; as a result, the time required to crack it is vastly increased.

Excel and Word 2010 employed AES and a 128-bit key, but the number of SHA-1 conversions doubled to 100,000.[2]
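The stretching described above can be measured directly. The following is an added example, not code from the cited sources: the byte layout (UTF-16LE password, salt prefix, 32-bit counter, final expansion) is assumed from the standard-encryption key generation in [MS-OFFCRYPTO], the spin count is a parameter so the 50,000 and 100,000 figures can be compared, and the attacker hash rate in the estimate is a hypothetical budget.

```python
import hashlib
import struct
import time

def derive_key(password: str, salt: bytes, spin_count: int = 50_000,
               key_bits: int = 128) -> bytes:
    """Iterated SHA-1 stretching (layout assumed from MS-OFFCRYPTO)."""
    h = hashlib.sha1(salt + password.encode("utf-16-le")).digest()
    for i in range(spin_count):
        # Each round hashes a 32-bit little-endian counter plus the last digest.
        h = hashlib.sha1(struct.pack("<I", i) + h).digest()
    h_final = hashlib.sha1(h + struct.pack("<I", 0)).digest()

    def expand(pad: int) -> bytes:
        # XOR the digest into a 64-byte pad block and hash it once more.
        block = bytearray([pad] * 64)
        for j, b in enumerate(h_final):
            block[j] ^= b
        return hashlib.sha1(bytes(block)).digest()

    # Two expansions give 40 bytes; the key is cut from the front.
    return (expand(0x36) + expand(0x5C))[: key_bits // 8]

def seconds_per_guess(spin_count: int, trials: int = 3) -> float:
    """Wall-clock cost of one derivation on this machine."""
    salt = bytes(16)  # constructed all-zero salt, used for timing only
    start = time.perf_counter()
    for _ in range(trials):
        derive_key("constructed-example", salt, spin_count)
    return (time.perf_counter() - start) / trials

def worst_case_years(alphabet: int, length: int, spin_count: int,
                     hashes_per_second: float) -> float:
    """Years to try every password of one length at a given SHA-1 rate."""
    guesses = alphabet ** length
    return guesses * spin_count / hashes_per_second / (365 * 24 * 3600)

if __name__ == "__main__":
    for spin in (50_000, 100_000):
        print(spin, f"{seconds_per_guess(spin) * 1000:.1f} ms per guess")
    # 1e10 SHA-1/s is a hypothetical budget, not a measured figure.
    for length in (6, 8, 12):
        years = worst_case_years(62, length, 50_000, 1e10)
        print(f"{length} chars of [A-Za-z0-9]: {years:.3g} years")
```

Doubling the spin count doubles the cost of every guess, while each extra character from a 62-symbol alphabet multiplies it by 62, which is why password length matters more than the iteration count.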

Office 2013 (Access, Excel, OneNote, PowerPoint, Project, and Word) uses 128-bit AES, again with hash algorithm SHA-1 by default.[4]

Office 2016 (Access, Excel, OneNote, PowerPoint, Project, and Word) uses 256-bit AES, the SHA-1 hash algorithm, and CBC (Cipher Block Chaining) by default.[5]

Excel worksheets and macro protection

The protection for worksheets and macros is necessarily weaker than that for the entire workbook as the software itself must be able to display or use them.

Password recovery attacks

There are a number of attacks that can be employed to find a password or remove password protection from Excel and Word documents.

Password removal can be done with the help of precomputation tables or a guaranteed decryption attack.

Attacks that target the original password set in Microsoft Excel and Word include dictionary attack, rule-based attack, brute-force attack, mask attack and statistics-based attack.

The efficiency of attacks can be considerably enhanced if one of the following means is applied: multiple CPUs (distributed attack), GPGPU[6] (applicable only to Microsoft Office 2007–2010 documents) and cloud computing.

Office 2013 introduces SHA-512 hashes in the encryption algorithm, making brute-force and rainbow table attacks slower. However, note that SHA hash algorithms are faster to calculate than deliberately slow key derivation functions (KDFs) such as PBKDF2 or scrypt.[7]

For xlsx files that can be opened but not edited, there is another attack. The file format is a group of XML files within a zip archive, so the sheets can be made editable by unzipping the archive, editing the workbook.xml file and/or the individual worksheet XML files, and replacing them with copies that are identical except that the unknown key and salt are replaced with a known pair or the key is removed altogether.
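For an auditor, the practical consequence is that a workbook carrying only these edit restrictions is stored unencrypted. The following added example (not part of the original article) classifies a file by its container and lists the restriction elements it finds; the sample workbook is constructed inline with placeholder hash and salt values, and the element and attribute names are the ones defined for SpreadsheetML.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

# Compound-file header: legacy binary format or an encrypted OOXML package.
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")
PROTECTION_TAGS = {"workbookProtection", "sheetProtection"}

def audit_workbook(data: bytes) -> dict:
    """Classify an Excel file and list edit-restriction elements."""
    if data.startswith(OLE_MAGIC):
        # Cannot tell legacy .xls from encrypted .xlsx without deeper parsing.
        return {"container": "ole", "encrypted_at_rest": None, "restrictions": []}
    if not data.startswith(b"PK"):
        return {"container": "unknown", "encrypted_at_rest": None, "restrictions": []}
    found = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for name in zf.namelist():
            if name != "xl/workbook.xml" and not name.startswith("xl/worksheets/"):
                continue
            # For untrusted files prefer a hardened parser such as defusedxml.
            root = ET.fromstring(zf.read(name))
            for el in root.iter():
                tag = el.tag.rsplit("}", 1)[-1]  # drop the XML namespace
                if tag not in PROTECTION_TAGS:
                    continue
                algo = el.get("algorithmName") or el.get("workbookAlgorithmName")
                spin = el.get("spinCount") or el.get("workbookSpinCount")
                legacy = el.get("password") or el.get("workbookPassword")
                found.append({
                    "part": name,
                    "element": tag,
                    "algorithm": algo or ("legacy 16-bit hash" if legacy else None),
                    "spin_count": int(spin) if spin else None,
                })
    # A plain zip package means the cell contents are readable without a password.
    return {"container": "zip", "encrypted_at_rest": False, "restrictions": found}

def build_sample() -> bytes:
    """Constructed two-part package with placeholder hash and salt values."""
    ns = 'xmlns="http://schemas.openxmlformats.org/spreadsheetml/2006/main"'
    wb = (f'<workbook {ns}><workbookProtection lockStructure="1" '
          'workbookAlgorithmName="SHA-512" workbookHashValue="AAAA" '
          'workbookSaltValue="BBBB" workbookSpinCount="100000"/></workbook>')
    ws = f'<worksheet {ns}><sheetData/><sheetProtection sheet="1" password="CAFE"/></worksheet>'
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("xl/workbook.xml", wb)
        zf.writestr("xl/worksheets/sheet1.xml", ws)
    return buf.getvalue()
```

A report of `encrypted_at_rest: False` together with a non-empty `restrictions` list flags a document whose confidentiality depends on a password to open being set instead.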

Ultimately, the security of a password-protected document is dependent on the user choosing a password of sufficient complexity. If the password can be determined through guesswork or social engineering, the underlying cipher is not important.

References

  1. "Password protect documents, workbooks, and presentations – Support – Office.com". Office.microsoft.com. Retrieved 26 December 2012.
  2. "Microsoft Office File Format Documents". Msdn.microsoft.com. Retrieved 26 December 2012.
  3. "Russian Password Crackers: Password Recovery (Cracking) FAQ". Password-crackers.com. Retrieved 26 December 2012.
  4. "Cryptography and encryption settings for Office 2013". docs.microsoft.com. Retrieved 4 July 2018.
  5. DHB-MSFT. "Cryptography and encryption in Office 2016". docs.microsoft.com. Retrieved 7 December 2018.
  6. "GPU estimations". passcovery.com. Archived from the original on 10 February 2015. Retrieved 5 December 2020.
  7. "Is using SHA-512 for storing passwords tolerable?". Information Security Stack Exchange. Retrieved 25 May 2019.