Digitally Sign a Microsoft Word Document
Before you begin digitally signing documents, please ask your Technical Support team to verify the digital signature settings on your computer by following the steps in the Verify Digital Signature Settings section below.
This guide will walk you through the steps for digitally signing a document in Microsoft Word 2010, 2013, or 2016 using your PIV credential or digital certificate.
Add a Digital Signature Using a Signature Line
- To add a digital signature, open your Microsoft Word document and click where you’d like to add your signature line.
-
From the Word ribbon, select the Insert tab and then click Signature Line in the Text group.
-
A Signature Setup pop-up box appears. Enter your information in the text fields and click OK.
-
Double-click the signature line.
-
A Sign pop-up box appears. At the X, type your name. Next, look at the Signing as: field. Select the signing certificate. To ensure that this is the correct certificate, click the Change button.
-
Click on Click here to view certificate properties.
-
The Certificate Details box appears. Go to the Details tab and scroll down to Key Usage. Single-click on it. The lower text box should now display Digital Signature, Non-Repudiation. If it does, then this is the right certificate. Click OK.
-
If this is the wrong certificate, click OK. Then click More Choices to see other certificates. Select another certificate and repeat these steps until you find the correct certificate.
-
Click the Sign button to sign the document. Insert your PIV card into the card reader. Enter your smart card (PIV) PIN and click OK.
- The Signature Confirmation box tells you that Word saved your digital signature. Click OK.
Once you’ve digitally signed your document, if you edit it, Word will remove the digital signature. Don’t worry. You can always go back to Step 1 and digitally sign it again.
Add an Invisible Digital Signature
You can add an invisible digital signature to prevent your name from appearing in a document.
-
Open your document and click the File tab.
-
Click Info and then click Protect Document.
-
From the Protect Document drop-down menu, click Add a Digital Signature.
-
Select a Commitment Type, such as created and approved this document, and then click Sign.
-
Insert your PIV card into the card reader. Enter your smart card (PIV) PIN and click OK.
-
The Signature Confirmation box tells you that Word saved your digital signature. Click OK.
Add Multiple Digital Signatures Using Signature Lines
Once you digitally sign a document, you can have others also digitally sign it. (Note: If you are the first approver, you should create the signature lines for all of the approvers. Then send the document to the second approver.)
-
If you are the second (or other) approver, open the document you’ve received. Double-click your signature line to sign. Follow Steps 4 through 10 from Add a Digital Signature Using a Signature Line.
-
A Signature Setup pop-up box appears. Enter your information in the text fields and click OK.
-
Double-click your signature line.
-
A Sign pop-up box appears. At the X, type your name.
-
Next, look at the Signing as: field. You should see your name and certificate information. If you don’t, click the Change button to select a different certificate and click Sign.
-
Insert your PIV card and enter your smart card (PIV) PIN. Click OK.
-
The Signature Confirmation box tells you that Word saved your digital signature. Click OK.
-
Send the digitally signed document to the next approver.
Each successive approver will be able to open the document and double-click the Signature Line with his/her name and complete the signing process.
Add Multiple Invisible Digital Signatures
Multiple approvers may digitally sign a document. Use the same procedures as you would to add one invisible digital signature: Add an Invisible Digital Signature.
The final approver will see multiple “invisible” signatures in the document.
View Digital Signatures
If you use Word 2013 and open a digitally signed Word 2007 or 2010 document, you may have compatibility issues.
You can view digital signatures in an incompatible Word document in one of two ways:
Click the View Signatures button just below the Word ribbon.
OR
Click the File tab and select Info. Then click View Signatures.
For either option, you will be able to see the digital signature details in the Signatures box.
Remove a Digital Signature
- If you want to remove a digital signature, open your Word document and go to the signature line.
- If there is no signature line, click the View Signatures button just below the Word ribbon.
- From the Signatures box, select the signature you want to to delete.
- Right-click on the signature and then click Remove Signature.
- When prompted, click Yes.
Verify Digital Signature Settings
Please ask your Technical Support staff for help. Administrator privileges are required for these steps.
By default, Microsoft Word uses the SHA-1 hash algorithm to generate digital signatures. The SHA-1 hash algorithm is no longer considered secure. More secure hash algorithms, such as SHA-256, should be used. (See NIST’s guidance on hash functions)
You can use either option below to verify/change the hash algorithm settings for Microsoft Office:
- Group Policy settings: Use Digital Signatures with Office 2016. (For additional information, consult Microsoft’s technical documents.)
- Computer registry settings. Change the Microsoft Office signature algorithm, as follows:
Word 2010: Computer\HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\14.0\common\signatures
Word 2013: Computer\HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\15.0\common\signatures
Word 2016: Computer\HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\common\signatures
- Add or update these values:
Value Name | signaturehashalg |
Value Type | REG_SZ |
Value | sha256 |
- Save the registry settings and restart the computer.
(For additional information, consult Microsoft’s technical documents.)