pdf password protection

PDF Password Cracker

Unlock PDFs: Cracking Adobe Password Protected PDF Files

  Free Trial & Demo

“Fantastic product… outstanding support.”

“We would recommend Locklizard to others”

“The clear leader for PDF DRM protection”

“Our ebook sales have gone through the roof”

“Simple & secure – protects IPR from theft”

Trusted by:

How easy is it to unlock or crack password protected PDFs?


Answer: Very

There are a number of advantages in using PDF documents, and chief amongst the benefits is the ability to secure the document with the help of a password, as compared to other image files such as TIFFs or JPEGs.  If you password protect PDF files then you can restrict the ability of a user in duplicating, editing or accessing text from the document and in some cases prevent the user from printing it.  But PDF password protection is not as secure as it might seem…

  Using passwords to protect PDF files is not secure

Unfortunately, in spite of the best interests of the creator of the PDF document to secure the text or other content contained in the file, password protected PDFs can easily be cracked and the document security features removed.  A simple search on any major search engine will reveal numerous PDF password removal applications and workarounds that are easily and freely available online.  These can be used in unlocking almost any secure PDF for unauthorized edits, sharing, and use with optical character recognition software.

A large number of companies continue to employ reusable, standard passwords to password protect PDF files.  Unsurprisingly, these same standard passwords are also used in various other business applications, intranets and extranets, e-mail, CRM and other business programs within the organization. Maintaining confidential information or sensitive data in PDF documents with reusable or standard passwords is highly insecure and risky.  This is because passwords can easily be hacked, stolen or guessed (the majority of passwords are weak and the most popular password is 123456); and once the password has been compromised, the PDF document is no longer secure.

In most cases, the document owner is rarely aware that their passwords have been compromised and if the hacker is smart, the fact that the attack has taken place also might never be discovered.  For organizations and companies, this means that sensitive business data can be easily duplicated, edited, deleted or even read by unauthorized sources without anyone even knowing a security breach has occurred.

In spite of technological advancements and education surrounding the importance of strong passwords for confidential business information, a large number of companies still have a poor understanding of how easy it is for anybody outside the system to subtly hack into their data.  Standard password-based PDF documents are often reused with the same credentials and in most cases these credentials are stored in a password database that is typically maintained on the company’s system.  Hence the password to the document can either be acquired by snooping on the user’s network connection, hacking the system’s password file, keyboard tapping or keystroke capturing, stealth infection, searching online for a simple password removing application, or simply by guessing the password or using dictionary attacks.  There are a number of powerful password cracking applications that are able to decrypt any password within seconds or minutes through a standard computer – the shorter the password the quicker it is to crack.

Adobe PDF Password Cracker History

  • 2003

    Elcomsoft break 40 bit Adobe PDF Encryption

    ElcomSoft’s Advanced PDF Password Recovery software makes it easy to remove both password encryption and usage restrictions from Adobe Acrobat PDF files.  It provides super-fast guaranteed recovery of PDF files with 40-bit encryption.

  • 2006

    PDF permissions passwords removed by viewing PDFs in Gmail

    Password protected PDF files received in Gmail are easily cracked.  If you select ‘View as HTML’, the full text of the document will display as HTML, even if the original PDF is secured against content copying/extraction.

    2006

  • 2007

    Adobe Acrobat 8 password encryption cracked

    AES 128 bit and 256 bit protected PDFs can be cracked.  It is the password rather than the encryption algorithm that is cracked using dictionary and brute force attacks.

  • 2008

    Adobe Acrobat PDF 9 is less secure for PDF password protection

    Acrobat 9 passwords (vs Acrobat 8) can be cracked 100 times quicker by brute force attacks due to a weakened password verification mechanism.

    2008

  • 2010

    Adobe Acrobat X

    Acrobat X/XI/DC no longer offer Acrobat 9 encryption (PDF 1.7) for protecting new documents (only for decrypting existing documents) due to a weakness in the password checking algorithm.

Types of PDF Passwords & how to crack them

You can protect Adobe PDF files with two different passwords:

  1. The Document Open password – this is required to open the PDF to read it.  The stronger the document open password the longer it will take to crack or remove with PDF password removal tools.  Once a user knows the open password they can share it with others or instantly remove it.
  2. The Permissions password – required to set, change, or remove PDF restrictions.  This can be easily cracked no matter how strong it is due to a flaw in the design of the Acrobat Security handler.  See How Secure Is PDF?


Free online PDF password cracking software will normally only remove the permissions password although some will also remove the PDF document open password if the PDF has been encrypted with 40 bit encryption.  However, when it comes to removing PDF restrictions you don’t even need to use a PDF password cracker program – there are other simpler methods – see Removing PDF Restrictions.

To remove the Permissions password you must know the Document Open password.  If you don’t then you need to purchase a PDF password cracking program to remove it (free online PDF password crackers only remove the permissions password.  Some will remove the Document Open password if the document was protected with 40 bit encryption but this is rare unless it was protected with a very old version of Adobe Acrobat).  One of the first and best programs for cracking PDFs is Elcomsoft’s Advanced PDF Password Recovery.  The professional edition removes PDF document open and permissions passwords using both brute force and dictionary attacks.

How does PDF Password cracking software work?


PDF Password cracking software (usually marketed as PDF Password Recovery software for legal reasons) use several techniques to remove a PDF Document Open password:

  • Password lists – this tries the most common words people use as passwords – e.g. password, 123456, etc.
  • Dictionary attacks – this tries all the words found in a dictionary, often in several different languages.  Single dictionary words can be cracked in minutes.
  • Brute force – this tries all possible password combinations starting with a password that is a blank field.  If it fails they add another bit and try again until they find it.  The shorter the password the quicker the attack works.
  • Rainbow table – a list of pre-computed hashes (the numerical value of an encrypted password) of all possible password combinations for any given hashing algorithm.
  • Thunder Tables™ – these are unique to Elcomsoft.  They list all the keys for which Rainbow Table fails so that brute-force attacks do not spend time trying 99% of incorrect keys.
PDF Password cracking software

See PDF Password Remover tools for a list of programs that unlock PDF files and how to remove PDF Restrictions without using Password cracking tools.

How long does it take to crack PDF Passwords?


Any PDF password cracking software can easily remove the Permissions password (and thus the document restrictions) in seconds.

Time to crack the Document Open password will depend on:

  • the strength of the password (length and character combination) – a strong password will take longer to crack (i.e. a long password with multiple non-alphanumeric characters)
  • the encryption algorithm used and strength – AES for example will take longer to crack than RC4 40 bit
  • the processing power and memory of your computer – the more the better
  • whether the PDF password cracking software supports multi-core, multi-processor, and GPU hardware acceleration

Brute force and dictionary attacks can therefore take several days or more to crack a PDF password depending on the above factors.  If the PDF password is particularly long you might be waiting a while!

Cracking of PDF files encrypted with 40-bit keys usually takes a few minutes if you use Elcomsoft’s Enterprise edition of Advanced PDF Password Recovery.  This is because it attacks the encryption key instead of attempting to guess the password.  Other PDF password crackers will take 1-2 days to crack 40 bit encrypted PDFs.

Adobe 9 passwords using AES are 100 times quicker to crack because of a security implementation flaw – a password checking routine consist of just one call to SHA256 hash function.  It is not the AES algorithm at fault but the password checking routine implemented by Adobe which checks if you have entered the correct password or not.

Are PDF Passwords Secure?

  • PDF encryption algorithms

    Adobe Acrobat uses different algorithms (RC4 and AES) to encrypt PDFfiles with 40, 128 and 256 bit keys.

  • PDF Restrictions removal

    Applying PDF restrictions is a waste of time because the PDF permissions password can be removed instantly.

  • 40 bit encryption can always be cracked

    If the Document Open password uses 40-bit keys (Acrobat 3 compatible encryption) then PDF Password crackers guarantee to remove it.

  • Cracking a PDF Document Open Password

    The stronger the PDF Document Open password the longer it will take to crack.  A strong password consisting of at least 32 characters, a non-dictionary word, and multiple NON-alpanumeric characters could take weeks to crack.

Protection against PDF password cracking


It is now more critical than ever to employ potent authentication and encryption to secure sensitive PDF documents.  In an ideal situation, organizations should get rid of standard, reusable passwords in favor of strong authentication methods like public key technology, tokens, and dongles.  Most firms bury their heads in the sand, hoping that their password protected PDF documents remain safe.  However, it only takes one incident; an occasion where confidential information is breached that can put the entire reputation of the organization at stake.  It is important to consider all that is being risked – the company’s business privacy, client’s confidential data, and financial penalties.

To prevent the unauthorized use of your PDF documents, you need to ditch your password protected PDF files for a PDF DRM system that uses public key technology.  With public key technology, there are no PDF passwords to share, break, or forget – decryption keys are securely and transparently transferred and locked to authorized client computers.  Locklizard’s PDF document security offers additional security features beyond simple PDF password protection.  You can stop screen grabbing software, enforce expiry dates, revoke PDF files at any stage, restrict access to specific users, and log document use.

If you don’t want any real security for your PDF documents then password protecting PDF files is a cheap solution, but if you want to effectively control access to your PDF files no matter where they reside, then you need a PDF DRM system to control access and use.

Customer Testimonials