Email secure form to customer?

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

What are the downsides (if any) of emailing an MS Word form that is password
protected to a customer so that they can fill in sensitive information, save
it and then mail it back to me. I would tell the customer what the password
is over the phone.

I am trying to come up with a simple, inexpensive way for my customers to be
able to enter sensitive data electronically and at the same time protect
their data.

A couple of related questions:
1) I assume that the "reader" version of Word will not work for forms?
2) What if the customer has an older version of Word? What would I have to
look out for?

Thanks.
 
Speaking as a potential customer, I wouldn't touch it with a barge pole. I
won't trust my details to anything less than a certified https website
belonging to a known organisation (and not always, even then).

1. Practical problems: You'd have to use a different password each time, for
each customer. Which will likely make for practical problems at your end
(you send the document, customer loses it, you re-send with a new password,
customer returns the first version ...)

2. Quality of security: there are companies around that claim to be able to
crack Word document passwords (Google 'password cracking'). I'm sceptical of
their claims, but I wouldn't bet my bank account on it.

3. The system will be only as reliable as your internal computer security.
Personally, I wouldn't trust a company that uses Word passwords as a form of
security adequately to have protected its own computer system. (no
reflection on you -- this is just my general level of caution).

4. Not everyone has Word. And no, the Reader won't work.
 
Thank you for your very helpful reply. One followup question - are you
saying that the problem of cracking passwords is unique to Word, or would the
same apply to Excel, Adobe PDFs, or any object that is encrypted and password
protected?
 
Any password is crackable if you have the time and processing power. It is
simply a matter of checking every possible combination. If the encryption
level is high and the password long and complex, inevitably this will take a
long time. This is what the password crackers do. They try obvious sets of
words then move on to brute force methods. There are no backdoor shortcuts.
Don't be fooled by demos that work very quickly on four letter combinations.

--
<>>< ><<> ><<> <>>< ><<> <>>< <>><<>
Graham Mayor - Word MVP

My web site www.gmayor.com

<>>< ><<> ><<> <>>< ><<> <>>< <>><<>
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Back
Top