Share via

Encryption for Password Protected Sections

I just saw this question on an internal mailing list so I thought I would pass it on to the blogging community. The question was:

    What underlying security technology is used to protect OneNote content with passwords?

Well the answer is:

OneNote uses 3DES encryption, with 192 bit key length. We do encrypt all the content that you enter into the page, so once protected there is no way for someone to read it without knowing (or guessing) the password.

What that means is the longer the password and the more complex the better. It takes some time but people can still brute force an attack on your files by guessing your password. Note that you cannot unlock password protected sections via the OneNote 2007 API. You just can't get to it unless the user opens OneNote and unlocks the password (even then they can still lock out API apps from getting encrypted content).