Common password generators such as SecureSafe Pro Password Generator follow a strategy of you setting a master password and then they create ‘derivative’ passwords that will remain constant for that master password – this might be very handy if you have a fixed group of recipients. It means that you don’t need to store all the passwords you have created and sent out. Enter the same master password (maybe the recipient’s name or email) and you get the same list of derivative passwords. Otherwise, every time you generate a new password you need to store it and the recipient’s identity somewhere so you can recover it (or if someone loses a password and you have to create a new version of the password protected document for them and remember what you were doing). This works OK for small groups that don’t change.
Other approaches, such as that from SecureSafe Pro Password Manager let you do a lot of configuring and then generate a batch of as many passwords as you could want. This approach is handy if you want to just pick up the next password in the set. But there is no management built in. You just get a list of strong passwords.
Actually transferring passwords into PDF documents can be automated, but you would need to build your own engine to do this. It would need a Systems Developer Kit (SDK) to allow you to manipulate the PDF document. There are many SDK’s out there, and the licensing can be a bit complicated as to how many toolkits you can install and how many documents you can process. An example of a royalty free SDK that can secure, sign and protect PDF comes from Debenu.
So the administration of passwords is starting to get a bit complicated? And none of the common tools we have looked at appear to have a method of distributing the passwords once they have been generated. And distributing means getting them into the PDF document as well as getting them to the recipient of the protected pdf document so they can open it when it arrives.
This gets us to the question of what happens when a user ‘loses’ or forgets a password to a document. Do you send something completely new or do you lookup somewhere what you used last time and re-create the document, or do you rely on your email history to find what you originally sent them and send that again. The opportunities are endless, as is the amount of manual work created when coping with these problems. So far we have not seen an organized PDF password management system.
Can you stop people swapping passwords? No. Rather like digital signatures, if giving them away does not stop people using the documents then who cares. It needs a measure of inconvenience such as a watermark that identifies the authorised user, or a control that stops more than one person at a time from using a document, to persuade people not to give away passwords. Also, allowing users to redefine the security controls based on passwords is basically unsound. If any outside user can change the security controls then it does not take much to create documents that are not controlled.
Maybe it is symptomatic, but there are far more password remover applications than password generator applications.
So you can make PDF password protection work for small groups if you trust the users NOT to share the documents and passwords with others, but making it manageable, efficient and scalable is not easy.