PDF Password Protection has been around for a long time, but is rarely analysed to see how successful it is. Here we look at it in terms of the good, the bad and the ugly.
hour to crack 16 character ASCII passwords
no. of years users keep passwords unchanged
characters is the average password length used
is the most popular password
How to get PDF Password protection to work. What you must consider if password protecting PDF files & password strength.
Using PDF password protection to stop PDF files from being misused. The options and software available for password protecting PDF files.
Permissions you can apply to PDF files, such as preventing access and stopping printing. Tips on setting permissions for PDF files.
How to unlock PDF files. The tools available to remove password security and why they are effective at unlocking PDFs.
How to select a strong password for your PDF files and apply PDF password protection to documents.
 |
Enforcing the use of strong PDF Passwords |
A password is a primary line of security against any unauthorized entry into the PDF document. The more powerful a password, the greater the degree of security the PDF document has. To create a strong password, follow these guidelines:
If you follow the basic password protection rules and use strong passwords then your PDF documents should be adequately protected. Bear in mind however that if you give the password to others then they can do what they like with the PDF file. So the password protects other users from opening the PDF document but nothing else. Whilst Adobe employ another type of PDF password, a restrictions password, this can be easily removed by PDF password recovery software. So PDF password protection is really only useful for storing PDF files securely.
 |
How to remove Password protection from PDF files |
It is possible to use passwords to protect PDF files from being opened, printed or altered.
In the Adobe PDF standard there are two passwords:
If the User password is already known, or the User password was not set, then there are literally hundreds of tools available, some free, some paid for, that will remove the permissions password almost immediately – 82 Million results on Google, so take your pick.
So if you are trying to control document usage you have to set a User password on the document or the permissions password can be removed trivially.
This creates the obvious problem that the people you are sending protected documents to need to have the User password in order to read it. And once the User password is known users can then use PDF password removal tools (although there are also other simpler methods – see Removing PDF Passwords) to trivially remove the permissions password and do what they like with the document. This is exactly the same weakness with sending encrypted documents that do not have DRM controls – the recipient can do what they like and you have no way of stopping them.
So the only time there is some control is if someone (i.e. an unauthorized user) gets hold of a User password protected document, not knowing what the password is. But even here companies such as Elcomsoft, famous for being the first to break the User password system, provide PDF password removal tools to carry out dictionary attacks (common password words such as ‘password’) and ‘brute force’ attacks (which will get you there eventually unless the password is very strong).
 |
Are PDF Passwords safe to use? |
The conclusion you have to come to is that although PDF password protection seems to be a good idea because it’s easy, most implementations are not actually effective. That is fine if you just want to appear to have some security. As an approach it only starts to become practical with very long passwords together with other controls monitoring or preventing unauthorized use.
The Adobe PDF Security method has been exposed as having an inherent weakness – based on an ‘honor’ system it relies on third party applications to enforce PDF restrictions (i.e. stop printing or copying). It is therefore trivial to bypasss or remove. This article covers the Adobe PDF security handler in more detail – How the Adobe PDF Security Handler works.
There are stronger approaches than passwords to ensure PDF protection. They start with the introduction of a recipient Identifier (ID) as well as a password, and go on to using cryptography to prevent unauthorised use by identifying hardware and linking it to the license rather than trying to identify the end user (identifying the hardware is not the same as identifying the MAC address given in a network adapter which can be changed or masked relatively easily).