Keep your documents always-encrypted
Ultimately secure storage, editing and collaboration in the cloud
It's all about data security
Data is the world’s most valuable resource. At ONLYOFFICE, we realize that data security is a burning issue for most companies, especially when it comes to documents.

To affirm transparency and reliability of ONLYOFFICE, we opened its source code. Now we decided to move forward and provide users with stronger and securer way to work with documents online based on the unique layered encryption technology.
Unique cryptographic technology used in ONLYOFFICE
Reliable document encryption
ONLYOFFICE uses the AES-256 encryption algorithm to provide stronger security for working with documents online. All temporary local files are encrypted as well.
Support for all key formats
ONLYOFFICE works and encrypts Office documents of all key formats: DOCX, XLSX, PPTX, ODT, ODS, ODP, PDF.
Flexible access rights management
ONLYOFFICE offers different levels of access rights. You can grant access to review documents, or leave comments only, or fill out added fields, etc.
Encrypted real-time co-editing
ONLYOFFICE encrypts the data transfer while collaborating on documents online that prevents outsiders from being able to read or understand the changes you or your co-authors make.
High security data storage
ONLYOFFICE stores document data, including passwords and access rights in the encrypted form using private databases within your network.
How it works: technical background
ONLYOFFICE uses AES-256 to encrypt your files and data transfer while collaborating and your private database to store and transfer the passwords.
Enabling encryption
Currently the end-to-end encryption is available through ONLYOFFICE desktop applications - ONLYOFFICE Desktop Editors v.5.4 or later available for Windows, Linux, and Mac OS.

To start encrypting your documents, you must log in to ONLYOFFICE cloud in the Connect to cloud section of ONLYOFFICE Desktop Editors.

The next step is to obtain a pair of encryption keys that are involved in encryption and the decryption of documents. The public key is used for encrypting the documents for a particular user and is stored in the private database on the ONLYOFFICE portal. The private key is used for decrypting the documents and is stored locally on user’s machine.

To generate this pair of keys, use the corresponding command in the end-to-end encryption section of the application.
Enabling encryption
Each document is encrypted with its one, unique AES 256-bit key.

Each key is then protected with asymmetric encryption (using your public key) and together with a unique UUID as a file name and the author address is stored in the ONLYOFFICE portal’s private database.

Once encrypted, you can store your documents on your favorite cloud storage and be sure that no one has access to your document content.

To resume working on your document with ONLYOFFICE, no password should need to be inserted. With the end-to-end encryption enabled, the document will be decrypted automatically using your private key.
Sharing and co-editing encrypted documents
Only server solutions (ONLYOFFICE Enterprise Edition) provide the encryption functionality for private collaboration. The end-to-end encryption is supported since version 5.4 of Document Server and 10.5 of Community Server.

When you connect your desktop application with encryption enabled to the cloud, your public key is saved to the database used for ONLYOFFICE data storage. This key will be used if one decides to share a document with you.
To start co-editing encrypted documents, all co-authors must be connected to the cloud trough their desktop applications with the end-to-end encryption enabled. No passwords should need to be exchanged for sharing and collaboration.

The document password encrypted using your public key will be automatically decrypted with the help of your private key.
Get started
Step 1. Deploy ONLYOFFICE Enterprise Edition on your own server.
Step 2. Install the latest version of ONLYOFFICE Desktop Editors.Download now
Step 3. Connect the desktop application to ONLYOFFICE in Connect to cloud section.
Step 4. Go to E2E Encryption section and click the Generate the encryption data button.
Step 5. Enable the encryption mode and start editing and co-editing your documents privately.
See our complete end-to-end encryption guide