Quick overview shows most of the major text editing packages (word, openoffice) have at least attempted to implement symmetric encryption for password protected documents. Word uses RC4-128, in 2005 it had a seriously broken implementation but it looks like the flaw wouldn't have an effect in this specific case since it requires at least two different versions of the same encrypted file (there are probably other problems with their implementation but this is the big one). Open Office uses Blowfish-128 and looks like it was properly implemented as far as I can tell. In both cases I just did a quick glance. The thing to take from this though is that although it is horribly worse than using GPG, a password protected text document might not be the end of the world. The thing to ask now is, was the password exchange secure, and was the password highly entropic? If the password exchange was done securely and the password was strong, I would bring my concern level down from 10 to 5, now that I know it was in a password protected document at least. If she put it in an Open Office document and used a 128 bit password that she shared with you face to face, it seems unlikely that the feds can ever decrypt it even if they seize it. Looks like Libre Office uses AES-256, but it is a bit harder to find info for the open source ones (Microsoft Word is easy to find info for since it seems it has been attacked and defeated a few times, in specific circumstances). In the case of Libre Office especially, followed by Open Office, followed by Microsoft Word, it is possible that the symmetric encryption is about on par with that used by GPG. But GPG does a few things besides symmetric encryption. For one it generates a truly random session key that is entropic enough to realize the maximum potential of the symmetric algorithm, and for two it uses RSA to secure encrypt the session key while it is in transit. So if we assume that whatever text editing program used actually has a good implementation of whatever symmetric algorithm it uses for data encryption, then the security falls to the two other things that GPG provides. So, if the password was really entropic then it could be close to the randomly generated GPG session key (unlikely that it is but it could be, it could even be just as entropic), and the exchange of the password. If she sent the password with the document then obviously it is fucked. If she used GPG to send you the password then actually the transfer of the session key (password) will have equal security to a regular GPG session key transfer, and if she used OTR the security will be that of OTR. If she told it to you face to face it is better yet. Assuming we are lucky and the text editing program uses a good implementation of its symmetric algorithm, and she sent you the password in a secure way, then the security is that of the password used to encrypt the document, hopefully it is at the very minimum 80 bits (over 100 would be better). If the heavens are smiling upon your customers, the feds may be able to obtain the document and not decrypt it. It looks like at least Libre uses a PBKDF with some iterations, so should stretch the password strength out a little.