MSOutlook.info

MSOutlook.info

Real World Questions, Real World Answers
Share your Outlook calendars, contacts, emails and tasks
in real-time without Exchange Server.
CodeTwo Public Folders

Password protect startup of an Outlook Mail Profile

I want to prevent unauthorized access to my emails.

Is there any way I can password protect the entire Outlook Mail Profile so people will be prompted for a password when opening Outlook?

Mail Profile Password buttonNo, you can’t password protect a Mail Profile but to some extend, you can password protect your pst-file storage or Exchange mailbox.

Both methods have their limitations though and alternative protection methods are recommended.

Password on a pst-file

Outlook PST-file buttonTo set a password on your pst-file, you must bring up the Properties dialog of the pst-file in Outlook.

  • Outlook 2003 and Outlook 2007
    File-> Data File Management…-> double click on your data file-> button: Change Password…
  • Outlook 2010, Outlook 2013 and Outlook 2016
    File-> Account Settings-> Account Settings…-> tab Data Files-> double click on your data file-> button: Change Password…

Password protect a pst-file
Leave the “Old password” field empty when no password has been set yet.

This password feature however shouldn’t be regarded as a sturdy protection mechanism though and it was never intended as such either.

The passwords are easy to crack via various tools such as Nirsoft PstPassword and the encryption of the pst-file itself isn’t based on the password either. In fact, multiple different passwords will actually allow access to the password protected pst-file.

Password protect Exchange mailbox

Exchange Account buttonThere is no way to protect the data store of an Exchange account as you can for pst-file. The Exchange data store is an ost-file and doesn’t hold the ability to password protect it.

While you can configure your Exchange account in some cases to always prompt for a password or never select the option to remember your password, it only applies to the connection to the Exchange server. When you would cancel the password prompt, Outlook will still grant you access to the already cached data on your computer.

The only way to fully password protect your Exchange mailbox would be to set the option to always prompt for the password (or never select the option for Outlook to remember your password) and to disable Cached Exchange Mode.

Disabling Cached Exchange Mode will however impact your user experience with Outlook as several features of Outlook will only work when Cached Exchange Mode is enabled.

It is therefor highly advisable to use one of the recommended alternative methods mentioned at the bottom of this guide.

Step 1: Disable Cached Exchange Mode

To switch the option “Use Cached Exchange Mode” on or off use:

  • Outlook 2003
    Tools-> E-mail Accounts…-> View or change existing e-mail accounts->  Next-> double click on your Exchange account
  • Outlook 2007
    Tools-> Account Settings…-> double click on your Exchange account
  • Outlook 2010, Outlook 2013 and Outlook 2016
    File-> Account Settings-> Account Settings…-> double click on your Exchange account

Step 2: Always prompt for credentials

To set the option to always prompt for logon credentials, click on the More Settings… button in while still in your Exchange account settings and select the Security tab.

Exchange - Always prompt for logon credentials
Setting the option: Always prompt for logon credentials.

Note: This option is not available when connecting to Exchange via the MAPI over HTTP protocol.

Step 2 Alternative: Remove cached credentials

To remove your Cached Credentials for Outlook use:

  • Windows 7
    Start-> Control Panel-> User Account-> Credential Manager-> Windows Vault
  • Windows 8 and Windows 10
    Right click on the Start button-> Control Panel-> User Account-> Credential Manager-> Windows Credentials

Here you can remove the credentials for your Exchange account. The credentials for Outlook start with “MS.Outlook”.

Note: When you are logged on to your computer with a domain account and you use the same credentials for Exchange, then logon is usually automatic and you won’t find any credentials for your account.

Recommended alternatives

Drive Encryption buttonAs mentioned previously, the local protection methods for pst-files and Exchange mailboxes have their limitations. You also can’t password protect data stored in IMAP, Outlook Hotmail Connector and Exchange Active Sync accounts.

Therefore, if you really want to protect your data, consider the following methods or a combination thereof instead.

  • Password protect Windows.
  • Lock your computer or log off when you are away (the keyboard shortcut to lock your computer is: Windows Logo Key + L).
  • Encrypt your entire disk via BitLocker or a 3rd party tool.

These methods will also protect all your other locally stored data and not just Outlook.