[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

passwords in excel

Posted on 2013-11-26
5
Medium Priority
?
275 Views
Last Modified: 2013-11-28
If a user has NTFS read, write, execute permissions to a spreadsheet (password protected), can they still delete the excel xlsx file? Or does the fact they have a password on the spreadsheet mitigate if a user can delete the file or not (not sure if there are numerous types of password one for access or one for stuff like move/delete etc)?

Are excel passwords still deemed to be quite weak and easily cracked - i.e. are NTFS more effeective than excel passwords for security.
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 19

Accepted Solution

by:
regmigrant earned 1000 total points
ID: 39677383
The OS has no reference to the Excel password on a spread sheet, its only 'read' when Excel tries to open the file so the OS can always delete it because the permissions on the folder apply at the file level (regardless of application). - this is standard behaviour on every OS as far as I'm aware

You could use document management system (like sharepoint or a more grown up one) and a macro to ensure that a particular worksheet could not be deleted if it was marked appropriately.

As far the passwords themselves the passwords are more about preventing accidental (or malicious) updates by people who have been given access to the files rather than 'encryption' to keep people out of the file in the first place. So you need to decide which you want. A brute force attack would break an 8 digit password in a few hundred years.

The NTFS passwords are tougher to crack but still open to brute force by those with time and inclination.

The only way to both prevent unauthorised deletion and protect the content is to Encrypt the file at the OS level - then you need an NTFS password to log in, a decrypt password to open and the Excel password to allow editing etc.

In other words - you need to define what you are trying to achieve and choose the appropriate toll at the appropriate level - "defence in depth"

Reg
0
 
LVL 3

Author Comment

by:pma111
ID: 39677415
Is it the NTFS "write" permission that allows a user to delete a file, my understanding was NTFS "read" permissions let them potentially open it but they couldnt move or delete it? Is that correct?
0
 
LVL 19

Expert Comment

by:regmigrant
ID: 39677460
Here's a summary of the various permissions
http://technet.microsoft.com/en-us/library/cc732880.aspx


You are correct that Read does not allow delete but in order to update you need to grant them Write - they still can't delete unless they also have modify (or full control) - however you would then be relying on Excel to prevent them from simply erasing the data in the file and saving it empty

Reg
0
 
LVL 81

Assisted Solution

by:byundt
byundt earned 1000 total points
ID: 39679617
Excel 2013 has more robust worksheet password protection (512 bit with a "salt") than previous versions. The password can no longer be cracked using the widely available Bob McCormick brute force macro originally posted (May 22, 2001) in the Microsoft newsgroups. You can still crack it with a manual method, but you have to know how.
0
 
LVL 27

Expert Comment

by:tliotta
ID: 39682937
Note that Write permission can effectively be the same as Delete, and potentially worse, since the file can be written with essentially no (useful) content. That is, in many cases, erasing content can be worse than deleting the file because there may be less indication that the file (content) is gone.

Tom
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

New style of hardware planning for Microsoft Exchange server.
In this modest contribution, I want to share with the IT community (especially system administrators, IT Support Engineers and IT Help Desks) about Windows crashes/hangs and how to deal with these particular problems.
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar. Int…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question