Your Litigation Response Plan should address information about password-protected files. When you request files or data from the other side, make sure to request electronic data in a "non‑password protected format". You don't want to deal with Word, Excel, or other file types that are protected with passwords and cannot be reviewed.

Similarly, your plans should establish how to produce file (native or otherwise) in a non‑password protected format.

Your Litigation Response Plan should include a checklist when you choose an e-discovery  vendor, to make sure they can handle password-protected files. Many of the vendors now have good password cracking software used in their processing  to un‑password protect files on the fly to make files searchable and reviewable.