On Jul 24, 9:39*pm, wrote:
On Jul 24, 8:27*pm, Steven wrote:





I am currently in pain over the Sarbanes-Oxley rules and what they are
requiring. *I am not sure if I am so upset over the requirements or what
appears to be manangements and Sarbanes auditors lack of knowledge of how to
use excel. *The Sarbanes people want to throw more people at every issue and
my feeling is the real issue is their lack of knowledge of excel. *Here is a
general idea of my proposal. *I feel it would probably take care of half of
what they call deficiencies.

My question is how secure it this: *I have to send a pre formatted excel
file "File01" to 10 subsidiaries so they can input thier month end financial
data. *The file has 12 sheets. *I passworded each sheet and only made
unprotected cells where I want input. *I also passworded the workbook.. *I
also passworded the file. *Now to open the file I also send each user a
second file "File02", it's *sole purpose is to open the first file with code
which the VBA is also passworded. *What I am telling the Sarbanes-Oxley
people is the file is *secure and I will know if I get the correct File01
back becuase the first process when I open the file is to see if the file has
a password. *If they do not send me the correct file then either the file
will not open because it has the wrong password or they used another file
with no password which I will catch when I ask if the file has a password. *I
want to use this method because when I get the 10 files back I can do
basically anything I want with the data using macros to automate the combing
of data anyway that I want. *Question: *How secure is this method in that the
user will have to use File02 as the opening file to force use of File01 that
has file, workbook and worksheet protection. *How easy would it be for
someone to get past all that security? *Note: *I am thinking if they get past
the file password it will not do them any good because they will not be able
to get past the Workbook and Worksheet security. *I will also be testing each
files passwords for Workbook and Worksheet.

Thank you for your comments.

Steven

Steven,

Anyone who knows anything about password protection with Excel knows
that it's only to delay someone from really get into the bowels of
spreadsheets and if you really know what your doing it will only take
a few minutes... I can break any password Excel throws at me. Infact
if you Google "Excel password breakers" your going to get quite a few
different ones. I'd recommend instead of all these passwords that you
make specific to the computers domain, IP address (if possible not
static), and a password that changes on a daily basis...

If you look into the VBA code you can see that it states
"password=youpassword" change that into "password= TEXT(FORMAT(NOW,
"DDYYYYDDYY") that way the password constantly keeps changing and with
the other information -- you will be pretty good. The problem with VBA
password breakers is they can't detect formula driven passwords but
they can always reset them.- Hide quoted text -

- Show quoted text -

Also I should mention that I've really looked into this -- even having
a program to encrypt the contents of the a workbook and decrypt the
contents using a custom made encryption set. I even tried to dable in
retrieving the computers harddrive serial number (never got it to
work). Your best bet if you really want to make things secure is make
it so that the workbook shoots an e-mail to you each time it is opened
(and if your smart you can make it so that the changes get documented
in the e-mail on workbook close.) Something else to consider is maybe
having the workbook be controlled all through userform elements
(specifically the wonderful and awsome XML spreadsheet plug-in). With
enough practice you can get that spreadsheet to do 1000 times as much
as a basic spreadsheet. I'd recommend looking into using UserForms
with data pulled from a hidden webaddress and using DOS batch scripts
to FTP the changed data to a website...

This isn't going to be an easy thing to figure out (infact I just
learned how to do this and the complexity of my programs has gone up
dramatically). Which ever you choose (maybe if this out of your realm
you could always hire someone who knows what they are doing)...