Forum Discussion
Add secure additional workbook and worksheet protection Use MS account
Instead make the workbook protection including locking cells and editing printing all the features associated with locking a workbook and worksheet away from a password. Instead have it linked to the Microsoft User Account and therefore the workbook or worksheet can only be edited by the creator when they are logged into their account and open the workbook. The current password way is not secure as we all know.
If the formulas are encrypted (tied to our Microsoft account), then they never get decrypted on the end user’s machine, so there’s nothing for a hacker to inspect and steal. We would also need to lock or disable macros for untrusted users, VBa would also be hidden from those who are not logged into the creators MS account.
This would greatly enhance the security of how office files are shared. The option to use the existing password system could still be selected as an option for those users who prefer it. But add this method of protection in there for those who really need it secure. No additional software would need to be installed or anything. No Azure rights management or anything. No Purview. These features simply dont let a user open the document unless they have rights. We want to share excel files with other users but restrict what they can do with them.
Why using Microsoft Account would be more secure
Password hashes wouldn’t live inside the file anymore (as they do with current sheet/workbook protection, which is why VBA can brute-force them quickly).
Encryption keys could be tied to the user’s identity (e.g., your Microsoft account generates or retrieves a decryption key from Microsoft’s key service). Without that authenticated session, the file cannot be decrypted.
Cloud-backed key management would allow revocation — if your account is disabled or you revoke access, the workbook becomes unreadable.
Conditional access could apply (require MFA, only allow corporate devices, block risky sign-ins).
All creator data is tied to MS account and therefore undetectable and locked to any who are not the creator of the locked document.
3 Replies
Exactly I am asking for a new security feature that is unscalable.
And do not store the sheet and workbook protection with the excel file.
Excel only gives you two main built-in protection methods:
- Worksheet/Workbook protection with a password → (weak, easy to crack, mostly for accidental edits).
- File-level encryption with a password (File → Info → Protect Workbook → Encrypt with Password) → (stronger, but still password-based).
- Enterprise features like Azure Information Protection / Purview / IRM → (very secure, but requires enterprise subscription + admin setup).
At present, there’s no way to natively tie workbook/worksheet protection to a Microsoft Account login without using Azure Information Protection / Purview. Microsoft hasn’t built that exact "identity-based protection" option into personal or standard Excel — protection is either password-based (local) or cloud-managed via enterprise licensing.
The “identity-based encryption” you’re describing would require Excel to request decryption keys from Microsoft’s key service every time you open a file, tied to your Microsoft Account session. That’s exactly what Azure RMS / IRM does today, but not what personal Excel does out of the box.
If you want to share Excel files securely without weak password protection but without full enterprise rights management, here are the most realistic current options:
- Store the workbook in OneDrive or SharePoint, share via MS account permissions
- Use "Encrypt with Password" + Require MS Account for access
- IRM / Purview (if you’re in a corporate environment)
What you’re describing is actually a feature request that would sit in between “weak password protection” and “enterprise IRM”.
That doesn’t exist in Excel today. The closest is storing/sharing files through OneDrive/SharePoint with account restrictions, or using IRM in Microsoft 365 Enterprise.
My answers are voluntary and without guarantee!
Hope this will help you.
