Returns or sets the password used to encrypt a BIFF8 (.xls) workbook on SaveAs. Setting a non-empty value produces an Excel-compatible password-protected file: Microsoft Excel, LibreOffice Calc, and other BIFF8 readers prompt for the password on open and refuse access when it is wrong. Read/write WideString. (Default value is empty string, available since v2.32.0.)
Syntax
property EncryptionPassword: WideString;
Remarks
The write path emits a BIFF8 FILEPASS record ($002F) immediately after the workbook BOF and RC4-encrypts every subsequent record body. The wire format is vMajor=1, vMinor=1 ("Office 97/2000 Compatible" encryption). 16-byte Salt and Verifier are generated through Windows CryptGenRandom rather than Pascal Random. Block-key re-derivation at every 1024-byte boundary is preserved so large workbooks, SST CONTINUE chains, and multi-sheet streams encrypt correctly.
Encryption applies to BIFF8 (xlExcel97) only — the BIFF5 save path remains plaintext. An empty EncryptionPassword keeps the legacy plaintext output and is the default, so existing applications that never call the setter are unaffected.
Security note: BIFF8 RC4 with vMajor=1/vMinor=1 uses a 40-bit key, which is considered broken by 2025 standards. Use this feature for compatibility with Excel's classic password-protection UI, not for confidentiality of sensitive data. For real security, prefer XLSX output with AES.
Example
This example saves a password-protected .xls file.
Workbook.EncryptionPassword := 'secret';
Workbook.SaveAs('Confidential.xls', xlExcel97);