How to avoid Fast Save’s security breach

If you store sensitive data, you might be at risk, but not the way you think. I'm not talking about a virus or a hacker, but an Office feature that does exactly what it was designed to do.

As you work, you save changes -- frequently, if you're smart. For instance, if you delete text and save that change, you expect the text to truly be gone, right? It's a reasonable expectation. The text is no longer visible on your screen and you saved the change. Unfortunately, what you see on your screen doesn't represent what happens under the hood.

If the Fast Save setting is enabled (and that's the default), the application merely notes the deleted text. The application doesn't actually delete the text until the next time you open the file. Consequently, someone who knows about this behavior can use a text editor or Word's Recover Text feature to view text you deleted.

Sometimes, you just need to experience something to appreciate it fully:

  1. Open a PowerPoint presentation, insert a text box, and enter Here's some text; I'll delete some of it using Fast Save.
  2. Save the presentation.
  3. Highlight and delete I'll delete some of it.
  4. Click Save on the toolbar.
  5. Open Word and click Open on the Standard toolbar.
  6. From the Files Of Type drop-down list, choose Recover Text From Any File (*.*).
  7. Locate the PowerPoint presentation, select it, and click Open.

The file will contain a lot of information, but several lines down you'll find all the text, including the text you thought you deleted.


You don't need Word's Recovery feature either. You can open a file in most any text editor and find deleted text, although it'll probably be more difficult to locate.

If you don't see the deleted text, someone has already disabled the Fast Save feature as follows:

  1. Choose Options from the Tools menu and click the Save tab.
  2. Uncheck the Allow Fast Saves option.
  3. Click OK.

Now, admittedly, most of us aren't at risk for this problem. Someone would need to have access to the file at just the right time. In addition, most of us aren't storing sensitive data in a PowerPoint presentation, but this isn't just a PowerPoint problem. Any Office application using Fast Save hangs onto deleted text until you reopen the file.

Fast Save isn't available in Office 2007.