Changing encryption settings for Microsoft Office 2010/2013
Before I tell you how, let me first repeat the advice from... everywhere... and say don't. Unless you have a really, really good reason, don't change the encryption settings from the default, because it's going to cause you a lot of headaches, and probably not provide much benefit.
Having said that, the encryption behavior in Office is controlled through the registry, so that's where you need to go.
-
You can use the Office Customization Tool.
-
The Office Customization Tool (OCT) reference for Office 2013 is here.
The OCT is available only with volume licensed versions of Windows Installer-based Office 2013, Office 2010, and the 2007 Office system.
- The document you quoted in your question is referencing options in the OCT, so that's probably why you can't find them - they're not configured through any particular Office application.
-
The Office Customization Tool (OCT) reference for Office 2013 is here.
-
Download and use the Office 2013 Administrative Template files.
-
The documentation for your available settings and what they do is here.
-
The documentation for your available settings and what they do is here.
- You can edit the registry.
- The registry key that controls the Office encryption settings is:
HKCU\Software\Policies\Microsoft\Office\14.0\Common\Security
- It's a
REG_SZ
data type, and the value should be something like:Microsoft Enhanced RSA and AES Cryptographic Provider,AES 128,128
- The formatting of the key value is comma separated values for the cryptographic provider, the encryption algorithm and key length.
- Changes to this key only take effect if you don't have crypto compatibility mode set (
HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\\Security\Crypto\CompatMode
- a value of1
means compatibility mode is on, a value of0
means it's off).
- It's a
- The registry key that controls the Office encryption settings is: