VBA macro to alter dialogues, super-protect workbook

Dear excel friends,

I've a file I would like to prevent being (a) decrypted and (b) the vba project password being broken by brute force.

Currently the workbook 1) opens with encryption password 2) requires users to enable macros to then unhide all vhidden sheets 3) with the save as command disabled and 4) individual sheets password protected. Unfortunately, and this is something I really don't understand, to me MS should have one additional layer of encryption superior to "password to open" and "password to modify" as this would simply(?) allow only authorised users to open/modify the file but not delete and therefore bypass the encryption passwords. If one protects the primary encryption, this also prevents the .zip unpack crack, no?

So, my logic with (a) is, is it possible with custom vba macro that if a user goes File > Info > Protect Workbook > Encrypt with Password (but to deactivate this), the custom vba code generates a further pop-up box with its own superior "you shall not pass" password which, if correct, only then allows one to change/delete the primary encryption password?

And, my logic for (b), a separate custom vba macro code to the above that for the vba project password pop-up changes that dialogue's cancel button to a "close excel" command?

Many thanks

The cold, hard fact is that ANY Excel workbook a user can open, a user can BYPASS ALL OTHER PROTECTIONS in that workbook.

If all worksheets start off very hidden except for a title page worksheet stating that the workbook must be opened with macros enabled, a user who could open the file with macros DISABLED would only see that worksheet AT FIRST. That user could then use VBA cracking code in other workbooks to break workbook protection and worksheet protection, then unhide all the worksheets. Unfortunately for you, the procedures to do this are fairly well known and easily available through web searches.

As for VBA project passwords, they're even easier to crack.

In short, any user who can open your workbook can remove any internal protections you try to impose. The only way to can achieve some level of true lock-down is by using .XLL and .DLL files for substantial parts of involved calculations. You could even add real-time authorization components to those. FWIW, I use @Risk at work, and my employer pays for a license for 10 simultaneous users. Past 10, the add-in won't load. You could perhaps use components in a .XLL or .DLL to perform checksums on the VBA project, and if it doesn't match the expected checksum, refuse to load/run. However, EXPECT everything in .XLS? files to be vulnerable to users who want to crack into them.

Hi hrIngrv

Thanks for the confirmation. Hopefully MS eventually sorts this out... I'll look into atRisk some more - the lead appreciated.

Regards