none
Safe code protection? RRS feed

  • Question

  • Hi, which is the safest way to protect your code for an Office 2010 add-in - a password protected vba add-in or a vsto add-in?

    Thanks, Peeter

    Thursday, September 8, 2011 8:43 AM

Answers

  • Unless you use an obfuscation software, .Net software is very easily hacked. I use this vendor's solution and I'm pleased with the result. http://www.secureteam.net/index.aspx It's pricey but so is my software and its asset value to my company. You should also read this thread: http://social.msdn.microsoft.com/Forums/en-US/vsto/thread/81be6cc4-11a7-402a-97cf-8124405510e4

    Regarding VBA security I think locking the code with a strong password and a Code 3 signing certificate is also very good protection. I'll be interested to see what others say about it as well. 

     


    Kind Regards, Rich ... http://greatcirclelearning.com
    • Marked as answer by Liliane Teng Sunday, September 18, 2011 10:53 AM
    Friday, September 9, 2011 1:28 AM
  • Hi Peeter

    I have no idea about the length of the password. General concensus is, it's not a terribly "strong" type of protection and that any decent password-cracking tool will be able to break it.

    Word macro code is always stored in binary file format, never as "clear text", so the Word application is required to read the code. The code also cannot be read via the VBE object model, when password protection is in force (I just double-checked that).


    Cindy Meister, VSTO/Word MVP
    • Marked as answer by Liliane Teng Sunday, September 18, 2011 10:58 AM
    Tuesday, September 13, 2011 9:03 AM
    Moderator

All replies

  • Unless you use an obfuscation software, .Net software is very easily hacked. I use this vendor's solution and I'm pleased with the result. http://www.secureteam.net/index.aspx It's pricey but so is my software and its asset value to my company. You should also read this thread: http://social.msdn.microsoft.com/Forums/en-US/vsto/thread/81be6cc4-11a7-402a-97cf-8124405510e4

    Regarding VBA security I think locking the code with a strong password and a Code 3 signing certificate is also very good protection. I'll be interested to see what others say about it as well. 

     


    Kind Regards, Rich ... http://greatcirclelearning.com
    • Marked as answer by Liliane Teng Sunday, September 18, 2011 10:53 AM
    Friday, September 9, 2011 1:28 AM
  • Hi Peeter

    I basically agree with what Rich says.


    Cindy Meister, VSTO/Word MVP
    Friday, September 9, 2011 8:48 AM
    Moderator
  • Thank you all,

    now I need to look deeper into these suggestions. One quick question though - in the vba-addin solution - how long a password is needed to make it safe? And, is cracking that long password the only way to get access to the code? (Maybe not that short a question :-))

    /Peeter

     

    Tuesday, September 13, 2011 7:02 AM
  • Hi Peeter

    I have no idea about the length of the password. General concensus is, it's not a terribly "strong" type of protection and that any decent password-cracking tool will be able to break it.

    Word macro code is always stored in binary file format, never as "clear text", so the Word application is required to read the code. The code also cannot be read via the VBE object model, when password protection is in force (I just double-checked that).


    Cindy Meister, VSTO/Word MVP
    • Marked as answer by Liliane Teng Sunday, September 18, 2011 10:58 AM
    Tuesday, September 13, 2011 9:03 AM
    Moderator
  • VBA code protection is trivial, and breakable manually in seconds.
     

    Enjoy,
    Tony
    www.WordArticles.com
    Thursday, September 15, 2011 2:30 PM