Microsoft Word - Password Protection

Password Protection

There are 3 password types that can be set in Microsoft Word:

• password to open a document
  
• password to modify a document
  
• password restricting formatting and editing
  

The second and the third type of passwords were developed by Microsoft for convenient shared use of documents rather than for their protection. There’s no encryption of documents that are protected by such passwords, and Microsoft Office protection system saves a hash sum of a password in a document’s header where it can be easily accessed and removed by the specialized software. Password to open a document offers much tougher protection that had been steadily enhanced in the subsequent editions of Microsoft Office.

Word 95 and all the preceding editions had the weakest protection that utilized a conversion of a password to a 16-bit key.

Key length in Word 97 and 2000 was strengthened up to 40 bit. However, modern cracking software allows removing such a password very quickly – a persistent cracking process takes one week at most. Use of rainbow tables by online services like Password-Find reduces password removal time to several seconds. Some password recovery software can not only remove a password, but also find an actual password that was used by a user to encrypt the document using brute-force attack approach. Statistically, the possibility of recovering the password depends on the password strength.

Word’s 2003/XP default protection remained the same but an option that allowed advanced users choosing a Cryptographic Service Provider was added. If a strong CSP is chosen, guaranteed document decryption becomes unavailable, and therefore a password can’t be removed from the document. Nonetheless, a password can be fairly quickly picked with brute-force attack, because its speed is still high regardless of the CSP selected. Moreover, since the CSPs are not active by the default, their use is limited to advanced users only.

Word 2007 offers a significantly more secure document protection which utilizes the modern Advanced Encryption Standard that converts a password to a 128-bit key using a SHA-1 hash function 50000 times. It makes password removal impossible (as of today, no computer that can pick the key in reasonable amount of time exists), and drastically slows the brute-force attack speed down to several hundreds of passwords/second.

Word’s 2010 protection algorithm was not changed apart from increasing number of SHA-1 conversions up to 100000 times, and consequently, the brute-force attack speed decreased two times more.