Strong PDF passwords are difficult to set up and use.
As a matter of history, passwords have been used to protect access to computers and access to files. At the time it was the only mechanism that could be implemented; smart cards and biometrics were just a gleam in manufacturers' eyes (and some say still are).
Passwords have an increasingly bad press as a security mechanism, largely because of the appalling way in which programmers, with little understanding of either security or how human beings behave, have implemented poor systems that make impossible demands on the user.
The usual approach to password management is to insist on something that has 6 or 8 characters and/or numbers and changes regularly. This approach makes people pick easy passwords so that they have a snowball's chance in hell of remembering them.
The same goes when people pick passwords for protecting encrypted PDF documents (or zip files or anything similar). It is difficult to choose a password that you can easily pass on to the recipient and be sure they get it right unless you choose a short and simple one.
And managing passwords is, with these systems, a nightmare. Who has which password? Has it been changed? Can they update it? What happens if you update it? How do you get the password to the recipient securely? If they ‘lose’ it how do you replace it? You cannot stop them sharing the password(s) with other people and you have no way of being able to detect that.
And that creates the problem, because short passwords that are easy to remember and type in are just as easy for an attacker using a dictionary system. They can break one in minutes, if not seconds. Even an exhaustive search over all letters and digits in 8 character positions is stunningly quick on a P4-based computer. See Removing PDF Passwords.
Although PDF password protection seems to be a good idea because it is easy, most implementations are not actually effective. Below are 10 reasons why you should not password protect PDF files.
If PDF password protection is not recommended, what should I use to protect my PDF documents?
The key to a secure system is to avoid the user having to know or be involved with passwords at all.
This is best achieved by ensuring that, in a cryptographic system, keys are exchanged securely and secretly, so that even the user is not aware of, and therefore cannot compromise, the security of the system. Only if you take these steps can you be confident that the protection method you have used is resistant to both deliberate and careless compromise.
It is an accepted fact among security professionals that the people most able to compromise any security system are the authorized users themselves. That is not to say that users are deliberately dishonest or even malicious; rather, in most cases they are over-helpful or fail to understand the security functions that they are expected to perform.
It is not easy to design a system that does not rely upon the integrity of the user, but those that have been designed specifically to avoid the need for the user to become directly involved, whether through the use of passwords or through direct handling of cryptographic keys, are to be preferred.
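The design described above, where a document is protected by a randomly generated key that no person ever sees or types, can be illustrated with a small key-wrapping program. The following is an added example written for this page; it is not code from the page's author or any product the page describes. It assumes that each recipient's reader software already holds a per-recipient key-encryption key (KEK) provisioned out of band and kept in a protected store, and that a fresh 256-bit document key is created per document and wrapped under each recipient's KEK with AES-256-GCM. The document text, recipient names and keys are all constructed for the demonstration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

const keyLen = 32 // AES-256 key size in bytes

// NewRandomKey draws a key from the operating system CSPRNG. Nothing about it
// is memorable or typeable, which is the point: a user cannot pick it badly,
// write it on a sticky note, or read it out to someone over the phone.
func NewRandomKey() ([]byte, error) {
	k := make([]byte, keyLen)
	if _, err := rand.Read(k); err != nil {
		return nil, err
	}
	return k, nil
}

// seal encrypts plaintext with AES-GCM under key and prefixes the random
// nonce to the ciphertext. The GCM tag makes any tampering detectable on open.
func seal(key, plaintext, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// unseal reverses seal; it fails if the key is wrong or the data was modified.
func unseal(key, sealed, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(sealed) < gcm.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	nonce, ct := sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():]
	return gcm.Open(nil, nonce, ct, aad)
}

// ProtectedDocument is what gets distributed: the encrypted content plus one
// wrapped copy of the document key per authorized recipient.
type ProtectedDocument struct {
	Ciphertext  []byte
	WrappedKeys map[string][]byte // recipient id -> document key wrapped under that recipient's KEK
}

// ProtectDocument generates a fresh document key, encrypts the document with
// it, and wraps the key for every recipient. The document key is discarded by
// the caller afterwards; only the wrapped copies survive.
func ProtectDocument(doc []byte, recipientKEKs map[string][]byte) (*ProtectedDocument, error) {
	docKey, err := NewRandomKey()
	if err != nil {
		return nil, err
	}
	ct, err := seal(docKey, doc, []byte("document"))
	if err != nil {
		return nil, err
	}
	pd := &ProtectedDocument{Ciphertext: ct, WrappedKeys: map[string][]byte{}}
	for id, kek := range recipientKEKs {
		// Binding the recipient id as associated data stops one recipient's
		// wrapped key from being silently relabelled as another's.
		w, err := seal(kek, docKey, []byte("docKey:"+id))
		if err != nil {
			return nil, err
		}
		pd.WrappedKeys[id] = w
	}
	return pd, nil
}

// OpenDocument is what the recipient's software does: unwrap the document key
// with the locally held KEK, then decrypt. The user supplies nothing.
func OpenDocument(pd *ProtectedDocument, recipientID string, kek []byte) ([]byte, error) {
	w, ok := pd.WrappedKeys[recipientID]
	if !ok {
		return nil, errors.New("no wrapped key for this recipient")
	}
	docKey, err := unseal(kek, w, []byte("docKey:"+recipientID))
	if err != nil {
		return nil, fmt.Errorf("unwrap failed: %w", err)
	}
	return unseal(docKey, pd.Ciphertext, []byte("document"))
}

func main() {
	// Constructed sample: two recipients whose KEKs were provisioned earlier.
	aliceKEK, _ := NewRandomKey()
	bobKEK, _ := NewRandomKey()
	pd, err := ProtectDocument([]byte("constructed sample report"), map[string][]byte{"alice": aliceKEK, "bob": bobKEK})
	if err != nil {
		panic(err)
	}
	plain, err := OpenDocument(pd, "bob", bobKEK)
	fmt.Printf("bob opened: %q (err=%v)\n", plain, err)
	_, err = OpenDocument(pd, "bob", aliceKEK) // wrong KEK: unwrap fails
	fmt.Println("bob with alice's KEK:", err)
}
```

The contrast with a shared PDF password is that nothing in this flow is chosen or remembered by a person: the document key is 256 random bits, each wrapped copy is bound to a named recipient, and revoking a recipient means not wrapping the next document's key for them rather than trying to change a password everyone already knows. Whether the KEK itself stays secret still depends on the recipient's software and platform protecting its key store, which is where the real engineering effort goes.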