This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
What is the default encryption type for Microsoft Word .docx files?
The Microsoft technet document on “Plan cryptography and encryption settings for Office 2010” makes the following 2 statements:
1. [In] Office 2010 when you encrypt Open XML Format files (.docx, .xslx, .pptx, and so on) the default values [are] — AES, 128-bit key length, SHA1, and CBC.
2. Excel, PowerPoint, and Word use Office 97/2000 Compatible encryption, a proprietary encryption method, to encrypt password-protected Office 97-2003 files.
Are those answers consistent? If not, Which answer is correct? And how can that be verified?
Also, is the default encryption type the strongest available? For example, is 256-bit key length available?
(I’m running Windows 7 Ultimate on a Sony S Series laptop. Word 2010 Professional.)
Below is the link and excerpts from the above technet document.
http://technet.microsoft.com/en-us/library/cc179125.aspx
Plan cryptography and encryption settings for Office 2010
About cryptography and encryption in Office 2010
Although there are Office 2010 settings to change how encryption is performed, when you encrypt Open XML Format files (.docx, .xslx, .pptx, and so on) the default values — AES (Advanced Encryption Standard), 128-bit key length, SHA1, and CBC (cipher block chaining) — provide strong encryption and should be fine for most organizations. AES encryption is the strongest industry-standard algorithm that is available and was selected by the National Security Agency (NSA) to be used as the standard for the United States Government. AES encryption is supported on Windows XP SP2, Windows Vista, Windows 7, Windows Server 2003, and Windows Server 2008.
The following table lists the settings that are available to change the encryption algorithms when you use Microsoft Office versions that access CryptoAPI. This includes Office versions up to and including Office 2010.
| Setting | What it does | Default configuration | Group Policy object editor location | OCT location |
|---|---|---|---|---|
| Encryption type for password-protected Office Open XML files | Allows you to specify an encryption type for Office Open XML files. | Excel, PowerPoint, and Word use Office 97/2000 Compatible encryption, a proprietary encryption method, to encrypt<br> password-protected Office 97-2003 files. | Microsoft Office 2010\Security Settings\Trust Center\Protected View | Microsoft Office 2010\Security Settings\Trust Center\Protected View |
| Encryption type for password-protected Office 97-2003 files | Allows you to specify an encryption type for password-protected Office 97-2003 files. | Excel, PowerPoint, and Word use Office 97/2000 Compatible encryption, a proprietary encryption method, to encrypt<br> password-protected Office 97-2003 files. | Same location as previous policy setting. | Same location as previous policy setting. |
A family of Microsoft word processing software products for creating web, email, and print documents.
Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.
Unfortunately, NSA endorsement is a dubious distinction for an encryption standard. The NSA primary ambition is eavesdropping, not user confidentiality. Don't take my word for it; read the news.
It's probably very late to reply to this post, i'll just comment on this one, that ".docx" is not the first time that the "office open xml" format is used by Microsoft, before this one (.docx) they came out with a similar one, which shared the same extension as the old ones, .doc , .xls, etc. , but written in the xml format.
So this is probably refered to this format (the one that came out between the old one and the new one), which by the way you can still use, and so it all make sense.
:)
First, thank you for your reply.
Your answer makes sense. That was my working assumption. However...
As I look again at the table from “Plan cryptography and encryption settings for Office 2010” (see excerpt below), I see that "Setting" applies to "Open XML files" (which is to say .docx, NOT .doc). So again, it seems to me there are 2 conflicting statments about default encryption type for the same .docx file type. Please let me know if I am missing something. Thanks.
| Setting | What it does | Default configuration | ||
|---|---|---|---|---|
| Encryption type for password-protected Office Open XML files | Allows you to specify an encryption type for Office Open XML files. | Excel, PowerPoint, and Word use Office 97/2000 Compatible encryption, a proprietary encryption method, to encrypt password-protected Office 97-2003 files. |
Well both seems correct, one is for the older .doc type of file and the other for .docx open xml files which are created in Office 2007 or Office 2010.