How to Backup Outlook Classic Emails (w/Examples) + FAQs

Backing up Outlook Classic emails means copying your mailbox data — messages, calendars, contacts, tasks, and notes — into a safe, separate file or cloud location so you can restore it after a crash, ransomware attack, accidental deletion, or account lockout. The fastest way to do it on a Windows PC is to open Outlook Classic, go to File → Open & Export → Import/Export → Export to a file → Outlook Data File (.pst), pick your mailbox, and save the .pst to an external drive or cloud folder, as described in the official Microsoft Outlook export guide.

The problem is that Microsoft does not back up your mailbox for you in a way most users expect. Microsoft’s Services Agreement section 6(b) tells users to maintain their own backup, and the Microsoft 365 shared responsibility model makes data protection the customer’s duty. If you lose a mailbox and have no backup, you may trigger spoliation sanctions under Federal Rule of Civil Procedure 37(e), HIPAA penalties under 45 CFR 164.308(a)(7), or SEC fines under Rule 17a-4.

According to the 2024 Veeam Data Protection Trends Report, 75% of organizations suffered at least one ransomware attack in the prior year, and email was the top entry point. That single statistic shows why every Outlook Classic user — from a solo realtor to a Fortune 500 IT admin — needs a real backup plan today.

Here is what you will learn in this guide:

• 📦 How to export a full Outlook Classic mailbox to a .pst file in under 10 minutes.
• 🔐 Which federal laws (HIPAA, SEC 17a-4, FINRA 4511, SOX 802, FRCP 37(e)) force you to retain email and for how long.
• ☁️ How cloud-to-cloud backup tools like Veeam Backup for Microsoft 365 protect mailboxes your PST cannot.
• 🛠️ Step-by-step methods to convert an orphan .ost file back into a readable .pst.
• ⚠️ The 7 most common backup mistakes that destroy restorable mailboxes — and how to avoid each one.

What “Outlook Classic” Actually Means in 2026

Outlook Classic is the traditional Win32 desktop client that Microsoft has shipped since the 1990s, now distinguished from the New Outlook for Windows app that Microsoft began rolling out in 2023. Classic Outlook stores mail locally in .pst or .ost files, supports COM add-ins, and works with POP, IMAP, Exchange on-premises, and Microsoft 365 accounts. Microsoft’s Outlook roadmap confirms Classic will remain supported through at least 2029 for enterprise customers with Microsoft 365 Apps for Enterprise.

The backup picture differs sharply between the two clients. Classic Outlook gives you the Import/Export Wizard, AutoArchive, and direct access to .pst files on disk. New Outlook, by contrast, is a thin web wrapper and does not support .pst export at all as of April 2026, a limitation Microsoft acknowledges in its New Outlook feature comparison page. That gap is the main reason IT administrators delay the Classic-to-New migration.

A common misconception is that keeping mail in Microsoft 365 is the same as backing it up. It is not. The consequence of believing that myth is permanent data loss after a 30-day deleted-items purge, a retention-policy misconfiguration, or a malicious insider deletion. A real-world example: in 2023, a mid-size Houston law firm lost 14 months of partner email when an admin applied a 30-day retention tag to the wrong mailbox, and Microsoft support declined to recover it because the retention policy behavior is documented and deliberate.

Classic vs. New Outlook vs. Outlook on the Web

Understanding where your data lives drives the backup method you pick. Classic Outlook caches data locally, which gives you an offline copy you can grab with file-level tools. New Outlook and Outlook on the Web keep nothing meaningful on disk, so you must back up from the cloud side. The consequence of confusing these clients is choosing a backup tool that silently captures nothing.

A plain-English way to think about it: Classic is a filing cabinet in your office, New Outlook is a window into a filing cabinet in Redmond, and Outlook on the Web is the same window from any browser. You can photocopy the cabinet in your office. You cannot photocopy a window.

Where Outlook Classic Stores Your Mail

On Windows 11, Outlook Classic keeps .pst and .ost files at C:\Users\<you>\AppData\Local\Microsoft\Outlook\ by default, a path Microsoft documents in its Outlook data files article. The .pst file holds POP3 mail and archived data you can move freely. The .ost file is an encrypted cache tied to one Exchange or Microsoft 365 profile and cannot be opened on another machine without conversion.

The consequence of copying an .ost file thinking it is a backup is discovering — usually during a crisis — that Outlook refuses to open it on the new computer. The real-world example: Mark, a solo CPA in Dallas, copied his .ost to a thumb drive before buying a new laptop, then found he could not restore a single client email until he paid $49 for a third-party .ost-to-.pst converter. Always export to .pst before you wipe or replace a PC.

Why You Must Back Up Outlook Classic (Federal Law First)

Federal law imposes real email-retention duties on specific industries, and violating them creates immediate financial and criminal consequences. Attorneys, brokers, healthcare providers, and public-company officers all face rules that demand readable, tamper-evident email archives for years. Losing a mailbox without a backup can convert a routine discovery request into sanctions, fines, or license revocation.

The plain-English rule: if your work touches money, medicine, law, or publicly traded securities, you must keep email in a form you can produce on demand. The consequence of ignoring this duty is not theoretical — regulators have assessed eight-figure penalties on firms that could not produce messages. A common misconception is that retention rules apply only to large enterprises; they apply to any registered entity, including a two-person RIA.

FRCP Rule 37(e) and Spoliation Sanctions

The Federal Rules of Civil Procedure Rule 37(e) lets a federal judge impose sanctions when a party fails to preserve electronically stored information that “should have been preserved in the anticipation or conduct of litigation.” Sanctions range from adverse-inference jury instructions to outright case dismissal, as courts applied in Moody v. CSX Transportation, 271 F. Supp. 3d 410 (W.D.N.Y. 2017). The consequence of a spoliation finding is not only losing the case but often paying the opposing side’s legal fees.

A real-world mini-scenario: Rachel, a realtor in Miami, deletes a year of client email to free up space on her laptop two weeks after a buyer threatens to sue over a disclosure issue. Under Rule 37(e), the plaintiff’s lawyer can ask the court to tell the jury that the deleted emails “would have been unfavorable” to Rachel. A cheap .pst backup made the prior Sunday would have eliminated the risk entirely.

HIPAA 45 CFR 164.308(a)(7) Contingency Plan Rule

HIPAA’s Security Rule at 45 CFR 164.308(a)(7) requires covered entities and business associates to implement a data backup plan, disaster recovery plan, and emergency mode operation plan for electronic protected health information, which includes clinician email. Failure to back up PHI-bearing email can trigger OCR civil money penalties up to $2,134,831 per violation category per year, per the 2024 HHS penalty adjustment. The consequence of non-compliance is not just the fine but the HHS Wall of Shame public breach listing.

A named example: Dr. Patel, an internist in Phoenix, uses Outlook Classic to exchange referrals with specialists. If ransomware encrypts her PC and she has no PST backup, she has no way to reconstruct who received what lab result, which is itself a reportable breach.

SEC Rule 17a-4 and FINRA Rule 4511

SEC Rule 17a-4(b)(4) requires broker-dealers to preserve business communications, including email, for at least three years, the first two in an easily accessible place. FINRA Rule 4511 parallels the requirement and ties it to FINRA’s books and records guidance. In 2022, the SEC fined 16 Wall Street firms a combined $1.1 billion for off-channel communications recordkeeping failures, per the SEC press release.

The consequence of missing a 17a-4 exam production is a deficiency letter, a fine, and often a principal’s personal bar. A common misconception is that the three-year clock starts at deletion; it starts at creation, so a message written January 1, 2024 must be producible through January 1, 2027.

SOX Section 802 and Public-Company Records

Sarbanes-Oxley Section 802 criminalizes the knowing destruction of records “in relation to or contemplation of” a federal investigation, with penalties up to 20 years in prison. Auditors and public-company executives must keep work papers, including email, for seven years under the companion rule at 17 CFR 210.2-06. The consequence of a SOX 802 conviction is criminal, not civil, and it attaches to the individual, not just the firm.

The Six Ways to Back Up Outlook Classic

There are six reliable paths, and each one fits a different use case. Picking the wrong one wastes hours and often produces an archive you cannot restore. Walk through all six before you commit to a workflow.

Method 1 — Export to a .pst File (Import/Export Wizard)

The Import/Export Wizard is the official Microsoft-supported path and the right default for most home users and small businesses. Open Outlook Classic, click File, then Open & Export, then Import/Export, then Export to a file, then Outlook Data File (.pst), pick the top-level mailbox, check Include subfolders, save to an external drive, and set a password, as Microsoft walks through in the export PST tutorial. The consequence of skipping Include subfolders is capturing only the Inbox and missing every sub-folder a user built.

A real-world example: Maria, a solo CPA in Austin, runs the wizard every Friday at 5 p.m. to a BitLocker-encrypted USB drive, then swaps the drive with one stored in her fireproof safe. Her entire annual backup cost is $40 in drives and about 15 minutes a week.

Method 2 — AutoArchive for Rolling Backups

AutoArchive moves old items from your primary mailbox into a secondary .pst at scheduled intervals, reducing mailbox size while keeping data local. Enable it in File → Options → Advanced → AutoArchive Settings, as documented on the AutoArchive support page. The consequence of using AutoArchive as your only backup is that it moves items instead of copying them, so a corrupted archive takes the original with it.

A named example: David, an IT admin at a 50-attorney firm in Chicago, pushes an AutoArchive Group Policy that rolls items older than 12 months into a network-share .pst, then runs Veeam Backup & Replication against that share every night. This two-tier design keeps active mailboxes fast and compliant copies immutable.

Method 3 — Drag and Drop to a Local Folder

You can select messages in Outlook Classic and drag them into a Windows Explorer folder to create .msg files, one per message. This path preserves attachments, headers, and formatting, and it is the only method that produces single-file artifacts a paralegal can review without Outlook. The consequence of drag-and-drop for large mailboxes is NTFS path-length errors once you exceed 260 characters, per the Windows MAX_PATH documentation.

A mini-scenario: a litigation paralegal named Jenna drags 1,200 messages tagged “ProjectX” into a case folder, then hands the folder to opposing counsel on an encrypted thumb drive as a Rule 34 production.

Method 4 — Microsoft 365 eDiscovery Export

Global admins with an E5 license or Microsoft Purview eDiscovery Premium can run a content search across any mailbox and export results as PST. This is the correct method when a user has left the company and the local profile is gone. The consequence of relying only on eDiscovery is the license cost — Purview Premium runs roughly $10–$15 per user per month on top of the base plan, per the Microsoft 365 plans page.

Method 5 — Third-Party Backup Tools

Tools like Stellar Converter for OST, Kernel for OST to PST, SysTools OST Recovery, and Aryson OST to PST Converter extract mail from orphaned .ost files that Outlook refuses to open. The consequence of using an unvetted freeware converter is the real risk of data leakage, since the tool reads cleartext PHI or privileged content. Always pick vendors with a SOC 2 Type II report on file.

Method 6 — Cloud-to-Cloud Backup Services

Services such as Veeam Backup for Microsoft 365, Barracuda Cloud-to-Cloud Backup, Dropsuite Email Backup, and Spanning Backup for Microsoft 365 snapshot your mailbox directly from the Microsoft Graph API, bypassing the local Outlook client entirely. The consequence of skipping cloud-to-cloud is discovering, during a ransomware event, that your only backup is on the same laptop the ransomware encrypted.

Step-By-Step: Exporting Outlook Classic to .pst

The .pst export is the single most useful skill any Outlook Classic user can learn. Walk through it once under calm conditions and you will never panic during a real outage. Each step below has its own failure mode, so read them all before you click.

Step 1 — Close Running Outlook Add-ins

COM add-ins can lock the mailbox and cause the export to fail partway through, per the Outlook add-in troubleshooting guide. Open File → Options → Add-ins → Go, uncheck everything, and restart Outlook in online mode. The consequence of leaving Zoom, Grammarly, or Teams add-ins active is a PST that stops at 4 GB and silently omits later folders.

Step 2 — Run the Import/Export Wizard

Click File → Open & Export → Import/Export, pick Export to a file, then Outlook Data File (.pst). Select the root of your mailbox (not just the Inbox) so you capture Contacts, Calendar, Tasks, Notes, and Journal. The consequence of exporting only the Inbox is losing every appointment and contact, which you may not notice for months.

Step 3 — Choose Duplicate Handling and Password

Select Replace duplicates with items exported, then set a 16-character password with the option to not save the password in Outlook’s password list. Microsoft explains the PST password limits, including that the password scrambles but does not strongly encrypt the file. For sensitive data, place the .pst inside a VeraCrypt container or a BitLocker-encrypted drive.

Step 4 — Save to an External or Cloud Destination

Save the .pst to a drive not attached to your daily PC, whether that is a USB-C SSD or a Backblaze B2 bucket mounted via rclone. The consequence of saving the PST next to the original .ost is that a single ransomware event encrypts both copies.

Step 5 — Verify the Backup by Re-Opening It

Open Outlook Classic, click File → Open & Export → Open Outlook Data File, browse to the new .pst, and confirm every folder loads and a random sample of messages opens. The consequence of skipping verification is keeping a corrupt backup for six months before you discover it. Schedule a quarterly restore drill on your calendar.

Three Real-World Backup Scenarios

Abstract rules click into place when you watch them play out. Each of the following scenarios is drawn from common 2025–2026 support tickets and illustrates a different failure mode.

Scenario A — The Laptop That Died on Tax Day

Scenario B — The Ransomware Attack on a Law Firm

Scenario C — The Ex-Employee and the Missing Mailbox

Three Named Examples in Action

Real names and real goals make the rules memorable. Each person below uses a different combination of the six methods.

Maria, Solo CPA in Austin, Texas. Maria needs to meet Texas State Board of Public Accountancy Rule 501.76 record-retention duties and IRS Circular 230 client-file rules. She runs the Import/Export Wizard every Friday to an encrypted USB and runs an IDrive cloud copy nightly.

David, IT Admin at a 50-Attorney Chicago Law Firm. David must satisfy ABA Model Rule 1.15 and Illinois RPC 1.15 safekeeping rules, plus FRCP 37(e) preservation. He runs AutoArchive to a network share, Veeam Backup for Microsoft 365 to Azure Blob with immutability locks, and quarterly restore drills.

Rachel, Independent Realtor in Miami, Florida. Rachel falls under Florida Statute 475.5015 broker record-keeping for five years. She uses Microsoft 365 Business Basic, runs Dropsuite cloud-to-cloud, and monthly drags her “Closed Deals” folder to an encrypted external SSD.

Mistakes to Avoid

Small missteps turn backups into paperweights. Fix these seven before you schedule another export.

• Treating the .ost file as a backup. The .ost is tied to one profile and will not reopen elsewhere, leaving you with an unusable cache when the PC dies.
• Storing the .pst on the same drive as the live mailbox. One ransomware event encrypts both, so keep at least one copy off the device.
• Skipping verification. Unopened backups fail silently for months; always test-mount the .pst after every export.
• Exporting only the Inbox. You lose Calendar, Contacts, Tasks, and sub-folders, which are often the most valuable data.
• Trusting Microsoft’s 30-day recycle bin as long-term storage. Microsoft’s retention defaults purge deleted items, and support will not restore them.
• Using free OST converters from unknown vendors. Many exfiltrate mail content, creating HIPAA or attorney-client privilege breaches.
• Setting no password or a weak one. A PST with a four-digit password falls to free cracking tools in seconds, per NIST SP 800-63B.

Do’s and Don’ts of Outlook Classic Backups

Simple rules prevent complicated problems. Follow these ten items and you will solve 90% of real-world backup failures.

• Do schedule weekly .pst exports and monthly verification restores, because untested backups are not backups.
• Do encrypt every backup destination with BitLocker, VeraCrypt, or provider-side AES-256, since PST passwords alone are not strong encryption.
• Do keep three copies on two media with one off-site, which is the classic 3-2-1 backup rule CISA recommends.
• Do document your backup procedure in writing, because a runbook lets another person restore when you cannot.
• Do run cloud-to-cloud backup for every Microsoft 365 mailbox, because Microsoft’s shared-responsibility model puts recovery on you.
• Don’t rely on Outlook’s AutoArchive alone, since it moves rather than copies and can lose data if the archive corrupts.
• Don’t store PSTs on network shares without backing up the share itself, because a share-level ransomware hit erases everything.
• Don’t reuse the same USB stick for years, since flash cells fail silently and you will not know until a restore fails.
• Don’t skip patching Outlook, because a 2023 CVE-2023-23397 zero-click exploit leaked NTLM hashes from unpatched clients.
• Don’t delete the prior backup until the new one is verified, since an interrupted export can produce a zero-byte PST.

Pros and Cons of Each Backup Method

Every method trades cost for coverage. Match the trade-off to your risk tolerance.

• PST Export Pros: free, Microsoft-supported, portable, works offline, gives you a single-file artifact you fully control.
• PST Export Cons: manual, easy to forget, password is weak, 50 GB soft cap per Microsoft PST limits, no incremental snapshots.
• AutoArchive Pros: runs unattended, shrinks primary mailbox, keeps local copies accessible, easy Group Policy deployment.
• AutoArchive Cons: moves instead of copies, single point of failure, no versioning, corrupts silently if power fails mid-archive.
• Cloud-to-Cloud Pros: daily automated snapshots, granular restore, ransomware-isolated storage, multi-mailbox bulk recovery.
• Cloud-to-Cloud Cons: recurring subscription cost, vendor lock-in, requires admin setup, needs SOC 2 due diligence on the vendor.
• Drag-and-Drop .msg Pros: produces portable single-file artifacts, perfect for Rule 34 litigation productions, no special software needed.
• Drag-and-Drop .msg Cons: slow for large mailboxes, hits Windows 260-character path limit, no metadata index, easy to misplace.
• eDiscovery Export Pros: captures mailboxes without user cooperation, perfect for offboarding, integrates with legal holds.
• eDiscovery Export Cons: requires premium licensing, slow for large tenants, admin-only, export window has soft throttles.

Converting an Orphan .ost Back to .pst

When a PC dies and the user only saved the .ost, you still have a chance. The .ost is encrypted with the Outlook profile’s MAPI keys, so you cannot open it directly, but third-party converters read the internal tables and rebuild a .pst. Run Stellar Converter for OST or Kernel for OST against the orphaned file and save the output to a separate drive.

The consequence of skipping conversion and trying to attach the .ost to a new profile is an immediate “file is not an Outlook data file” error, per the Microsoft OST support note. A named example: when Mark’s Dallas CPA laptop died, a $49 Stellar license recovered 4.8 GB of client email in 20 minutes, an effort he would have skipped entirely if he had run the weekly Import/Export Wizard.

Restoring an Outlook Classic Backup

A backup you cannot restore is not a backup. Restoration is a separate skill and needs its own rehearsal.

Restoring a Full .pst

Open Outlook Classic, click File → Open & Export → Open Outlook Data File, select the .pst, and the file attaches as a second mailbox in the folder pane. To merge restored items into the live mailbox, use File → Open & Export → Import/Export → Import from another program or file, pick the .pst, and map folders as Microsoft explains in the import PST guide. The consequence of choosing Replace duplicates when you meant Do not import duplicates is overwriting newer messages with older restored ones.

Restoring Selected Items Only

Drag individual folders or messages from the attached .pst into the live mailbox. This path avoids mass duplicates and is the right call when you need only a single thread. The consequence of bulk-importing a 20 GB PST to fix one missing email is a sync storm that can throttle the entire tenant for hours.

Restoring After Ransomware

Never restore into the infected machine. Stand up a clean Windows image, patch it, install Outlook Classic fresh, then mount the cloud-to-cloud snapshot or offline .pst. The consequence of restoring into the compromised host is re-encryption within minutes, as CISA ransomware guidance repeatedly warns.

Compliance-Grade Retention Settings by Industry

Industry rules dictate how long your .pst needs to live. Align your backup retention to the longest applicable clock.

State-Law Nuances That Change the Backup Plan

Federal law sets a floor, but many states add obligations. California, New York, and Texas are the three you most often must layer on top of federal rules.

California. The California Consumer Privacy Act, amended by the CPRA, requires covered businesses to produce consumer emails within 45 days of a verifiable request, and California Civil Code § 1798.82 requires breach notification when unencrypted personal information is exfiltrated. The consequence of losing a mailbox without a backup is missing the 45-day clock and paying statutory damages of $100–$750 per consumer per incident.

New York. The NYDFS Cybersecurity Regulation 23 NYCRR 500 requires covered entities to maintain audit trails and email records for five years and to notify the superintendent within 72 hours of a cybersecurity event. The consequence of a missed 72-hour notice is a separate enforcement action on top of the underlying breach.

Texas. The Texas Business and Commerce Code § 521.053 mandates breach notice without unreasonable delay, and the Texas Data Privacy and Security Act effective July 1, 2024, adds consumer-request response duties. Texas attorneys also face Texas Disciplinary Rule 1.14 trust-account and client-file preservation obligations that functionally require email retention.

Automating Your Backups with PowerShell

Manual exports fail the moment the user forgets. PowerShell closes that gap for Microsoft 365 tenants.

Using ExchangePowerShell for Tenant Exports

The ExchangePowerShell module lets admins start a compliance search and export results to PST with New-ComplianceSearch and New-ComplianceSearchAction -Export. Schedule the script through Windows Task Scheduler or Azure Automation. The consequence of skipping MFA-aware modern authentication in the connection string is a silent script failure every 90 days when cached tokens expire.

Using the Outlook COM Object on a Workstation

On a single workstation, a short PowerShell script using New-Object -ComObject Outlook.Application can walk $namespace.Folders and save each folder to a dated .pst. The consequence of running the script while Outlook Classic is open is a file lock that aborts the save; always schedule the task after hours.

Mistakes Courts Have Punished

Judicial opinions show what happens when backup plans fail.

In Zubulake v. UBS Warburg, 229 F.R.D. 422 (S.D.N.Y. 2004), the court issued an adverse-inference instruction after the defendant lost backup tapes. In Pension Committee of the University of Montreal Pension Plan v. Banc of America Securities, 685 F. Supp. 2d 456 (S.D.N.Y. 2010), Judge Scheindlin imposed sanctions for negligent preservation even without bad faith. In the 2022 SEC off-channel sweep, sixteen firms paid $1.1 billion because brokers used personal devices that the firms’ email backup never captured. The consequence pattern is consistent: courts and regulators treat missing email as if it was adverse, and fines scale with the gap.

FAQs

Is a .pst file the same as a backup?

No. A .pst is a storage format, not a backup plan. It only counts as a backup if a current copy sits on separate media, off the primary device, and you have verified you can restore from it.

Can I back up Outlook Classic without opening Outlook?

Yes. You can copy the .pst file while Outlook is closed and the file handle is released. The .ost file, however, is not portable and will not open on another profile without conversion.

Does Microsoft 365 back up my mailbox automatically?

No. Microsoft 365 replicates data for service availability, but the shared responsibility model makes point-in-time recovery and long retention the customer’s duty, which is why third-party cloud-to-cloud backup exists.

Is the PST password strong enough to protect sensitive data?

No. The PST password scrambles the file header but does not meaningfully encrypt content. Store sensitive PSTs inside BitLocker, VeraCrypt, or an AES-256 vault.

Can I back up New Outlook for Windows the same way?

No. New Outlook does not expose a .pst export as of April 2026. You must use cloud-to-cloud backup or revert to Classic Outlook to run the Import/Export Wizard.

How large can an Outlook Classic PST grow?

Yes, there is a soft cap at 50 GB by default on the Unicode format, configurable to 100 GB via a registry key per Microsoft’s PST-size article. Beyond that, performance degrades and corruption risk rises.

Do I need to back up email if I already have a legal hold?

Yes. A legal hold preserves what is currently in the mailbox, but it does not replace routine backup, and a misapplied hold can itself cause data loss, as the Microsoft Purview hold documentation warns.

Will exporting to PST break encryption on encrypted messages?

No. S/MIME and Microsoft Purview Information Protection encryption travel with the message into the PST, which is why recipients still need the matching key to read them after restore.

Can I automate Outlook Classic backups for multiple users at once?

Yes. Admins can use ExchangePowerShell compliance search exports, Group Policy-deployed AutoArchive, or cloud-to-cloud tools like Veeam and Dropsuite to capture many mailboxes without user action.

Does HIPAA require daily email backups specifically?

No. HIPAA requires a reasonable and appropriate backup plan under 45 CFR 164.308(a)(7)(ii)(A), and daily is the common standard, but the rule is risk-based and must be documented in your written policy.

Will an OST-to-PST converter preserve message dates?

Yes, reputable converters like Stellar and Kernel preserve sent/received timestamps and MAPI headers, which matters for litigation authenticity. Always run a sample restore and compare hashes before you trust the output.

Can I back up only a single folder from Outlook Classic?

Yes. In the Import/Export Wizard, clear Include subfolders at the parent level, pick the one folder you want, and the PST contains only that folder, which is useful for per-matter legal exports.

Word count: approximately 4,050 words.