Microsoft Office Tutorials and References
In Depth Information
You can see that the options mention signed macros. Digital signing is a way that the person who
creates a macro can “sign” it so the recipient can be assured that it comes from a trusted source.
You learn more about digital signatures later in this chapter. You can choose from four levels of
macro security, described here from the strictest to the least strict:
n No Warnings and Disable All Macros: No macros, whether signed or not, are ever run.
n Warnings for Signed Macros; Unsigned Macros Are Disabled: For a signed macro, the
program displays a warning and asks you if it should be run. Unsigned macros are never
run. This is the default macro security level.
n Warnings for All Macros: The program displays a warning for any macro, signed or
unsigned, and asks you if it should be run.
n No Security Check for Macros: All macros are run without a warning. For reasons
probably obvious, this level is not recommended.
It is recommended to maintain the default level of macro security for all Office programs. You can
always set a lower level temporarily if you want to run some unsigned macros from a trusted
Using Certificates and Digital Signatures
A certificate , also known as a digital ID , provides a higher level of security with Outlook. You can
use a certificate to send encrypted emails so that only the intended recipient can view the contents.
You can also use them to sign messages to prevent tampering and prove your identity. Finally, you
can use a digital ID in lieu of a username and password to access certain restricted web sites,
although this use is not relevant to Outlook.
Digital IDs are based on the technique of a public/private key pair . These are two long numbers
related to each other. You can use either key of the pair to encrypt data, and only people who have
the other key of the pair are able to unencrypt the data. When you have a digital signature, you
keep your private key secret and make your public key freely available. Then, here’s how it works:
n To send an encrypted message to someone, you use their public key to encrypt it. Only
they can unencrypt the message because no one else has their private key.
n To prove your identity, encrypt some data using your private key. When the recipient of a
message decrypts the data using your public key, if the data is intact they will know you
must have encrypted it because nobody else has your private key.
Digital certificates have expiration dates, typically one year after they are issued.
Obtaining a Digital ID
If you are using Outlook at work, your employer may provide a digital ID to you which you’ll
import as described in the next section. Otherwise, you can get your own. Digital IDs are provided