wishicouldcode
Copper Contributor
Sep 22, 2025

Add secure additional workbook and worksheet protection Use MS account

Instead, move the workbook protection (including locking cells, editing, printing, and all the features associated with locking a workbook and worksheet) away from a password. Instead, have it linked to the Microsoft User Account, and therefore the workbook or worksheet can only be edited by the creator when they are logged into their account and open the workbook. The current password way is not secure, as we all know.

If the formulas are encrypted (tied to our Microsoft account), then they never get decrypted on the end user’s machine, so there’s nothing for a hacker to inspect and steal. We would also need to lock or disable macros for untrusted users; VBA would also be hidden from those who are not logged into the creator's MS account.

This would greatly enhance the security of how Office files are shared. The option to use the existing password system could still be selected as an option for those users who prefer it. But add this method of protection in there for those who really need it secure. No additional software would need to be installed or anything. No Azure Rights Management or anything. No Purview. These features simply don't let a user open the document unless they have rights. We want to share Excel files with other users but restrict what they can do with them.

Why using Microsoft Account would be more secure

Password hashes wouldn’t live inside the file anymore (as they do with current sheet/workbook protection, which is why VBA can brute-force them quickly).

Encryption keys could be tied to the user’s identity (e.g., your Microsoft account generates or retrieves a decryption key from Microsoft’s key service). Without that authenticated session, the file cannot be decrypted.

Cloud-backed key management would allow revocation — if your account is disabled or you revoke access, the workbook becomes unreadable.

Conditional access could apply (require MFA, only allow corporate devices, block risky sign-ins).

All creator data is tied to MS account and therefore undetectable and locked to any who are not the creator of the locked document.  

5 Replies

  • NikolinoDE
    Platinum Contributor

    Excel only gives you two main built-in protection methods:

    1. Worksheet/Workbook protection with a password → (weak, easy to crack, mostly for accidental edits).
    2. File-level encryption with a password (File → Info → Protect Workbook → Encrypt with Password) → (stronger, but still password-based).
    3. Enterprise features like Azure Information Protection / Purview / IRM → (very secure, but requires enterprise subscription + admin setup).

    At present, there’s no way to natively tie workbook/worksheet protection to a Microsoft Account login without using Azure Information Protection / Purview. Microsoft hasn’t built that exact "identity-based protection" option into personal or standard Excel — protection is either password-based (local) or cloud-managed via enterprise licensing.

    The “identity-based encryption” you’re describing would require Excel to request decryption keys from Microsoft’s key service every time you open a file, tied to your Microsoft Account session. That’s exactly what Azure RMS / IRM does today, but not what personal Excel does out of the box.

    If you want to share Excel files securely without weak password protection but without full enterprise rights management, here are the most realistic current options:

    • Store the workbook in OneDrive or SharePoint, share via MS account permissions
    • Use "Encrypt with Password" + Require MS Account for access
    • IRM / Purview (if you’re in a corporate environment)

    What you’re describing is actually a feature request that would sit in between “weak password protection” and “enterprise IRM”.

    That doesn’t exist in Excel today. The closest is storing/sharing files through OneDrive/SharePoint with account restrictions, or using IRM in Microsoft 365 Enterprise.

    My answers are voluntary and without guarantee!

    Hope this will help you.

    • wishicouldcode
      Copper Contributor

      It would seem MS is quite aware of the need to improve this but has not done anything yet. 

      • NikolinoDE
        Platinum Contributor

        You're right — Microsoft has definitely heard this request. There are old UserVoice threads and TechCommunity posts asking for exactly what you described: protection tied to a Microsoft Account, not a password stored in the file.

        For reference, you can look back at some of those discussions:

        • TechCommunity Discussion: "Protecting an Excel File" – a thread where users discuss the limitations of current workbook protection.
        • Hashcat Forum (Technical): This shows how easily worksheet protection passwords can be cracked by removing the XML node — proof that current "protection" is not real security.
        • Microsoft Q&A on Password Security: Official discussion confirming that worksheet/workbook protection "isn't intended as a security feature" and that encryption is the only real protection.
        • Newsoftwares Security Analysis: A detailed breakdown showing the difference between encryption (secure) and worksheet protection (just an XML flag, trivially bypassed).

        The fact that Microsoft hasn't implemented account‑based protection in standard Excel suggests it's either a deliberate product differentiation (keeping IRM for paid enterprise plans) or a technical challenge around key management without forcing everyone into the cloud.

        Your original answer was correct — no such feature exists today outside of Purview / Azure RMS. If I were replying to the user, I'd acknowledge their frustration, agree that the password method is broken, and then offer the closest practical workarounds:

        1. Store the file in OneDrive for Business or SharePoint, share only with specific Microsoft Account‑authenticated users, and combine that with "Encrypt with Password" as a second layer.
        2. If they have Microsoft 365 Business Premium or E3/E5, show them how to use "Restrict Access" (IRM) without full Purview governance.
        3. Suggest they submit or upvote a feature request in Microsoft Feedback (inside Excel → File → Feedback).

        What you're asking for is completely reasonable from a security standpoint. It's just not something Excel can do natively yet without an enterprise license. If Microsoft ever builds that into personal Office, it would genuinely fix a long‑standing vulnerability.

        My answers are voluntary and without guarantee!

        Hope this will help you.
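
The thread distinguishes worksheet/workbook protection (a flag or hash stored inside the file) from file-level encryption. The following audit script is an added example, not part of any post above: it reports which of the two a given workbook actually has. The function names (`classify`, `audit_workbook`, `build_sample`) are hypothetical, and the sample workbook, with its hash and salt values, is constructed for the demonstration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET  # for untrusted files, parse with defusedxml instead

NS = "http://schemas.openxmlformats.org/spreadsheetml/2006/main"
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # compound-file header

def classify(attrs: dict) -> str:
    """Describe what a sheetProtection/workbookProtection element stores."""
    if "password" in attrs or "workbookPassword" in attrs:
        return "legacy 16-bit hash in file"
    if "hashValue" in attrs or "workbookHashValue" in attrs:
        return "salted hash in file"
    return "flag only, no password"

def audit_workbook(data: bytes) -> dict:
    """Report the container type and any protection elements found."""
    if data.startswith(OLE_MAGIC):
        # "Encrypt with Password" wraps the package in a compound file;
        # legacy .xls uses the same container, so this alone is not proof.
        return {"container": "ole-compound", "findings": []}
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return {"container": "unknown", "findings": []}
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        for name in z.namelist():
            if name != "xl/workbook.xml" and not name.startswith("xl/worksheets/"):
                continue
            root = ET.fromstring(z.read(name))
            for tag in ("sheetProtection", "workbookProtection"):
                for el in root.iter(f"{{{NS}}}{tag}"):
                    findings.append((name, tag, classify(el.attrib)))
    # A plain ZIP means every part, formulas included, is stored unencrypted.
    return {"container": "zip-plaintext", "findings": findings}

def build_sample() -> bytes:
    """Constructed workbook skeleton; hash and salt values are made up."""
    parts = {
        "xl/workbook.xml": '<workbook xmlns="%s"><workbookProtection lockStructure="1"/></workbook>',
        "xl/worksheets/sheet1.xml": '<worksheet xmlns="%s"><sheetProtection password="ABCD" sheet="1"/></worksheet>',
        "xl/worksheets/sheet2.xml": '<worksheet xmlns="%s"><sheetProtection algorithmName="SHA-512" '
                                    'hashValue="AAAA" saltValue="BBBB" spinCount="100000" sheet="1"/></worksheet>',
    }
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, xml in parts.items():
            z.writestr(name, xml % NS)
    return buf.getvalue()
```

To audit a real file, pass its bytes: `audit_workbook(open(path, "rb").read())`. A result of `zip-plaintext` with findings means the workbook is flagged as protected but not encrypted.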