I am going to distribute an add in within my departament. Because I want to make it safe I would like to ask about some best practices in this matter. I have read the Microsoft articles about that, but I would also like to ask about Your experience. Do You think password is enough security? The addin will be stored in a shared drive, it will be read only.
VBA code is not secure, full stop. Put the file on a network share where IT can control who has read/write access.
Anything you do to "make the VBA code secure" will be defeated within seconds by anyone that wants to "get in": putting a password on the VBA code is about as secure as locking your screen door - it keeps the bugs out, but if that's the best you've got any burglar is going to pee their pants in laughter as they cut through the screen like a hot knife in butter.
By putting the file on a network share, and having Active Directory (assuming you're on an AD domain) manage users & groups access (i.e. who is authorized to read & who is authorized to write in that network share), you put it on the IT infrastructure to manage authentication and authorizations, instead of putting a giant padlock on a screen door.