Excel 2010 VBA password protection / encryption?

**jmwbowen** · 10-03-2011, 09:56 PM

Hello,

I am curious about the strength of the Excel 2010 VBA password protection and if there are any ways to improve it.

I've read that the workbook encryption for Excel 2007 and above are strong if you change the default settings and use a very strong password, but that doesn't do me any good because my end user needs to have access to the workbook, so he will have the main encryption password anyways.

I want to be able to lock down the VBA portion of the workbook, and I've read that MS hasn't improved on that password protection any (it's still easily cracked).

I saw one website had an offering (paid) to "scramble" the VBA so that even if the password is cracked, the underlying code is unreadable.

This sounds fishy to me. Is it really possible to do that?

Anyways, my end result is to have a spreadsheet application in which the VBA makes it a "timed trial version" that, upon expiration, some of the non-essential functionality is disabled. This is useless if the VBA can be accessed and then the "trial version" code altered or removed.

Is it possible to TRULY protect the VBA code?

Thanks in advance,

Jason

**Mordred** · 10-04-2011, 12:20 AM

I'm just going to throw my own limited 2 pennies in on this and say that if someone really wants to get into your code bad enough, they'll find way. Look at MS operating systems as an example, there are always pirated versions out there which means that a fully protected anything is not really possible. For your module code, make ridiculously long passwords with both letters and numbers and store them someplace safe where you won't forget them. As for removing procedures with VBA, try what this link has to offer to see if it meets your requirements. If you could apply something like that to the Workbook_Open event to activate a select number of days from the initial open (I don't know if that is possible), you may be on track.

Good Luck

**romperstomper** · 10-04-2011, 05:01 AM

There are apps that will obfuscate your code by using gibberish names for variables and routines etc. which will certainly slow someone down. VBA itself will never be terribly secure (length/complexity of password being irrelevant); if you really need security for your code, you need to compile it into an executable and then call that from VBA.

**quekbc** · 10-04-2011, 05:40 AM

Am not too sure, but I've dealt with a VBA macro before that can't be opened. I.e. you can't expand the VBA project for that particular spreadsheet and it says something like "Project is unviewable." on a workbook that is NOT shared. Anyone else seen something like this?

With regards to VBA protection, to the average user, the protection there is sufficient. Give this to someone with determination to look at your code, it is definitely doable, regardless of how long your password is. With some know-how, it can be done in seconds. And as Mordred put it, there's no perfect protection out there, you just have to identify the risk, and choose whether or not to accept it.

**royUK** · 10-04-2011, 08:12 AM

I've seen what you mean, but posting how to would then allow others to reverse it!

**quekbc** · 10-04-2011, 08:24 AM

Good point Roy. I see the paradox. Though I am very curious to know more about it.

**sptee1** · 10-30-2011, 04:17 AM

I have been trying to lock my code (right-clicking on VBA Project Name from explorer bar on left of VBA Editor > Going to Project Properties > Going to Protection tab > Checking 'Lock Project for viewing' > Entering Password (twice) > Saving project > Saving Excel file > Closing and reopening). When I do this it does not protect VBA project. I can open it and view/edit it with no problem. When I go back to Project Properties, my 'Lock Project for Viewing' is no longer checked and the password boxes are empty. Advise Needed, Thank you.

**royUK** · 10-30-2011, 05:06 AM

Your post does not comply with Rule 2 of our Forum RULES. Don't post a question in the thread of another member -- start your own thread. If you feel it's particularly relevant, provide a link to the other thread.