passwords in excel

Posted on 2013-11-26
Medium Priority
Last Modified: 2013-11-28
If a user has NTFS read, write, execute permissions to a spreadsheet (password protected), can they still delete the excel xlsx file? Or does the fact they have a password on the spreadsheet mitigate if a user can delete the file or not (not sure if there are numerous types of password one for access or one for stuff like move/delete etc)?

Are excel passwords still deemed to be quite weak and easily cracked - i.e. are NTFS more effeective than excel passwords for security.
Question by:pma111
LVL 19

Accepted Solution

regmigrant earned 1000 total points
ID: 39677383
The OS has no reference to the Excel password on a spread sheet, its only 'read' when Excel tries to open the file so the OS can always delete it because the permissions on the folder apply at the file level (regardless of application). - this is standard behaviour on every OS as far as I'm aware

You could use document management system (like sharepoint or a more grown up one) and a macro to ensure that a particular worksheet could not be deleted if it was marked appropriately.

As far the passwords themselves the passwords are more about preventing accidental (or malicious) updates by people who have been given access to the files rather than 'encryption' to keep people out of the file in the first place. So you need to decide which you want. A brute force attack would break an 8 digit password in a few hundred years.

The NTFS passwords are tougher to crack but still open to brute force by those with time and inclination.

The only way to both prevent unauthorised deletion and protect the content is to Encrypt the file at the OS level - then you need an NTFS password to log in, a decrypt password to open and the Excel password to allow editing etc.

In other words - you need to define what you are trying to achieve and choose the appropriate toll at the appropriate level - "defence in depth"


Author Comment

ID: 39677415
Is it the NTFS "write" permission that allows a user to delete a file, my understanding was NTFS "read" permissions let them potentially open it but they couldnt move or delete it? Is that correct?
LVL 19

Expert Comment

ID: 39677460
Here's a summary of the various permissions

You are correct that Read does not allow delete but in order to update you need to grant them Write - they still can't delete unless they also have modify (or full control) - however you would then be relying on Excel to prevent them from simply erasing the data in the file and saving it empty

LVL 81

Assisted Solution

byundt earned 1000 total points
ID: 39679617
Excel 2013 has more robust worksheet password protection (512 bit with a "salt") than previous versions. The password can no longer be cracked using the widely available Bob McCormick brute force macro originally posted (May 22, 2001) in the Microsoft newsgroups. You can still crack it with a manual method, but you have to know how.
LVL 27

Expert Comment

ID: 39682937
Note that Write permission can effectively be the same as Delete, and potentially worse, since the file can be written with essentially no (useful) content. That is, in many cases, erasing content can be worse than deleting the file because there may be less indication that the file (content) is gone.


Featured Post

7 new features that'll make your work life better

It’s our mission to create a product that solves the huge challenges you face at work every day. In case you missed it, here are 7 delightful things we've added recently to monday to make it even more awesome.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Are you looking to start a business? Do you own and operate a small company? If so, here are some courses you need to take before you hire a full-time IT staff.
Take advantage of one of the most useful technologies available - virtualization!
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question