Re: Excel security
It is, thankfully
Mind you, after they stopped putting the password in plain text (office 7 or 10, not sure off the top of my head), they replaced it with a hashing system that had collisions. A *lot* of collisions. Very easy to brute-force with short strings, regardless of the password.
The current scheme in office 16+ is pretty decent, I think, but that might just mean no-one's pointed out the flaws yet.
(Anon because t' Computer Misuse Act says I ought not to know these things)