Microsoft Word File Encryption (Mac)

Microsoft Word File Encryption

Microsoft Word file encryption allows you to quickly and easily secure Word documents. Though early versions of Office’s file encryption were notoriously weak, newer versions are much stronger. Microsoft Office 2007-2010 offers AES-128 encryption using the SHA-1 algorithm, while Office 2013 uses AES-128 and SHA-512. The use of SHA-512 is a major upgrade over SHA-1 in preventing brute-force attacks against passwords. Unfortunately the password cap for Microsoft Word file encryption is 14 characters. This tutorial uses Microsoft Office 2016 running on macOS El Capitan.

Microsoft Word File Encryption

To encrypt a document, open Microsoft Word. Click on the “Review” tab and click the “Protect” button. In the drop-down that appears, click “Protect Document”.

Microsoft Word File EncryptionA new menu will appear. This menu will have two password fields. The first is the password to open the document, the second is the password to modify the document. Enter a password into the first field. A new window will appear asking you to confirm the password. If you wish to require a password to modify the document (recommended), repeat this process.

If you do not wish that the file be modified, check the “Read-only recommended” box. This will allow a user to open the document, but not to modify it in any way. Finally, in the Privacy field, you may wish to check the “Remove personal information from the is file on save” box. This will scrub metadata from the file that can include how long the document has been worked on, who has worked on it, and even earlier versions of the document.

Microsoft Word File EncryptionWhen the document is saved, it’s icon will appear with a padlock over it. Before opening the document you will be prompted for a password as shown below.

Microsoft Word File EncryptionBecause of the the password limitations, Microsoft Word file encryption is not ideal, but it is a lot better than nothing. If you have extremely sensitive files you may wish to further protect them behind full disk encryption or volume level encryption.

If you enjoyed this article and would like exclusive content, sign up for the Operational-Security Newsletter.

Leave a Reply