Protecting Your Solution’s VBA Code

  • Article

This content is no longer actively maintained. It is provided as is, for anyone who may still be using these technologies, with no warranties or claims of accuracy with regard to the most recent product version or service release.

By default, the VBA code in a Word, Excel, FrontPage, Access, Outlook, or PowerPoint solution can be accessed by anyone who knows how to open the Visual Basic Editor. In the absence of any access security, any such user can open and alter your solution's code, potentially breaking it, or a malicious user or macro virus could add code that performs pranks or compromises the security of files and settings on a user's computer. There are four ways to control access to the VBA code in your solution:

  • You can set a password that is required before the VBA code in a document, template, or database can be viewed. This is called locking your document's VBA project. Your VBA code will still run, but can only be viewed by a user who knows the correct password.

  • To provide the highest level of security for your VBA code, use Microsoft Visual Basic version 6.0 to create a Component Object Model (COM) add-in. Because the VBA code in a COM add-in is compiled as a dynamic-link library (DLL), it can't be modified without access to the source code used to originally create it. Application-specific add-ins are not compiled; you must use the same protections as templates and documents.

  • In Access, you can save an .mdb or .adp file as a file type that contains only compiled VBA code without the source code. For .mdb files, this file type is called an .mde file; for .adp files, this file type is called an .ade file. VBA code in these file types still runs, but there is no way to view or modify the code.

  • You can use file-system access-control features to control what users can do with documents and templates.

This section discusses how to lock your solution's VBA project. For information about how to create COM add-ins, see Chapter 11, "Add-ins, Templates, Wizards, and Libraries." For more information about Access .mde and .ade files, see Chapter 18, "Securing Access Databases." For information about controlling access to files, see "Using File-System Access Control to Protect Access to Documents" earlier in this chapter.