Saturday, November 04, 2006

How do I password protect a document?

From Pages '09, you set the password in the Document Inspector's Document pane.

In previous versions, you could not do it from Pages itself. The following describes ways to handle the problem with previous versions of Pages.

The safest way is to create an encrypted disk image using Applications > Utilities > Disk Utility, and put your document on that one. You get 128 bits encryption, which should be good enough for most purposes. Apple has more detailed instructions.

Using an encrypted disk image is more convenient than many people at first assume. It is high security. It is one password. And you can put a large number of different files on it (Pages, Numbers, pictures, mp3s...).

At first glance MS Word encryption seems simpler - just add a password to the document itself. However, it is not to be trusted. According to Microsoft themselves their passwords for file modification is not a security feature. It is a collaboration feature, and it can easily be hacked. According to Lastbit, no MS Office passwords before MS Office 2007 were secure. And with MS Office 2007, only the passwords for opening a document a document are safe.

From Pages you can get some kind of a Windows-compatible password protection by printing the document to PDF and encrypt it. However, neither you nor the reader will be able to easily modify the document. The encryption in the first versions of Leopard and earlier is just 40 bits RC4, which means it can be cracked with some patience. However, from Security Update 2008-002 (early 2008), the encryption is 128 bits RC4, which should be safe enough for most of us.

You could also use standard file system security (File > Get Info in the Finder), but any other user of the Mac with admin rights will be able to get to the file fairly easily. This kind of security is useless if you put the file on a memory stick or send it over the internet.

Also remember that no security mechanism is safer than the password you choose. If you choose "password" or the file name as password, it is easy for anyone to guess it and access the file content.

No comments: