 Yes, encryption in Word 2002 and 2003 IS secure if you know what you are doing.
 Encryption in Word 2007
is secure only for ".docx". For ".doc" it's NOT secure with
default settings
 Encryption in
Word 2002 and 2003 is NOT secure when used with default settings.
 Encryption in
Word 95, 97 and 2000 is NOT secure at all.
How safe is
Wordencryption. Is
Word encryption really secure?
 Strength of encryption algorithm
 Strength of password
 Password crackers
 How much time is needed to crack a password by bruteforce?
 Is Word encryption really secure?
This article
describes the strength of Wordencryption. Wordencryption is achieved by setting a
"password to open". The security level in
Word 2002 and 2003 depends on strength of encryption algorithm and
strength of password.
Strength of encryption algorithmIn Word 95, 97 and 2000 the encryption method contains vulnerabilities. This means that the document can be decrypted within 10 seconds without knowing the password. There are password crackers that even offer online services to do this.
In Word 2002 and 2003, the default encryption method is "97/2000 compatible", which means that the same insecure encryption method is used.
Fortunately there is a solution. To achieve good encryption, one has to select a strong encryption method. This is done by clicking the "Advanced" button next to the "Password to open" field. A list of available Crypto Service Providers (CSP's) appears.
Choose encryption type with strong encryption
capacity in Word
Here select a CSP with at least 128 bits RC4, like the "Microsoft Enhanced Cryptographic Provider v1.0". 128 bits encryption is considered strong encryption. RC4 is widely used, for example by Online Banking Systems and in PDF encryption.
Strength of password
If the encryption method is strong, the only way for a cracker to break the document security is by trying to find the password. It's important to know the difference between weak and strong passwords.
 A weak password is easy to guess or quick
to crack.
 A strong password is hard to guess but easy to remember. It has enough length and complexity.
Password crackers
Password crackers are automated tools dedicated to finding passwords. Usually the steps are:
 password guessing
 name of partner, child, pet animal, holiday destination, date of birth, etc. Someone who knows you is able to guess your password!
 Simple words or given names combined
with the numbers of the month are considered weak as well, e.g.
"welcome01", "Alex11", etc.
 dictionary attack (trying all words from a dictionary list, e.g. list of names)
 "qwerty", "letmein", "Aaron",
 brute force attack (if nothing else works: try every possible combination of characters) .
 "a", "b", "c", .., "aa", "ab", "ac", .. , "a1", "a$", "a{", etc.
 Short passwords (less than 5
characters) are weak because the number of possible combinations
is limited. These short passwords can be cracked within seconds.
How much time is needed to crack a password by bruteforce?
If the password cannot be guessed and is not found in a dictionary, the cracker has to try a bruteforce attack. When bruteforcing, the time to crack the password depends on the amount of possible passwords that the cracker has to try. The amount of possible passwords increases with password length and with increasing diversity of characters being used (complexity).
Let's take the scenario of a cracker trying 15 million passwords per second. This is currently the maximum speed being claimed by password cracker vendors. You need a pretty fast computer to achieve this. The following table shows the computed time to crack a password with 15 million tries per second. Notice the incredible increase in time to try all possible combinations when password length and complexity increase.
length: 4, complexity: az  ==> less than 1 second 
length: 4, complexity: azAZ09 + symbols  ==> 4.8 seconds 
length: 5, complexity: azAZ  ==> 25 seconds 
length: 6, complexity: azAZ09  ==> 1 hour 
length: 6, complexity: azAZ09 + symbols  ==> 11 hours 
length: 7, complexity: azAZ09 + symbols  ==> 6 weeks 
length: 8, complexity: azAZ09  ==> 5 months 
length: 8, complexity: azAZ09 + symbols  ==> 10 years 
length: 9, complexity: azAZ09 + symbols  ==> 1000 years 
length: 10, complexity: azAZ09  ==> 1700 years 
length: 10, complexity: azAZ09 + symbols  ==> 91800 years 
What we see is that:
 any password shorter than 5 characters can be cracked within 5 seconds
 any password shorter than 7 characters can be cracked within a day.
 With the password length of 9, the
cracking time goes to hundreds of years. In most cases this can be
considered acceptable while mostly we need to keep a secret for a
maximum of 30 years.
To be on the safe side, we recommend a minimum password length of 10 characters.
Note: the crack times mentioned in the table are needed to try all the possible passwords. There is a great chance that the cracker only needs 50% of this time. Also bear in mind that a cracker can always have a lucky shot at his first try and crack the password immediately. The chance is very small, but theoretically it is possible.
Is Word encryption really secure?Yes, encryption in Word 2002 and 2003 is really secure if you select
 a good Crypto Service Provider
 a strong password (combination of
charactersets with min. length of 10)
To assist you in
creating proper secured Worddocuments EncOffice
is recommended. EncOffice adds an encryption button to MSWord that makes all the complex security decisions for you and helps in creating a strong password.
EncOffice helps to create a really secure Word document.
Just click on the "Safe Encrypted" button.
You can open the encrypted document with a standard Word version

