Feds arrest Russian cracker for breaking Adobe’s PDF security controls. Last year ElcomSoft produced a piece of software that cracked FileOpen Systems code since it relies on Adobe Acrobat to provide PDF security.
It is possible to use passwords to protect PDF files from being opened, printed or altered. A PDF file that has been secured with the help of a strong and robust password has supposedly enough protection in order to avoid duplication or distribution by unauthorised users (assuming of course that the recipient who has been given the password in order to open it does not share this with others…). The creator of a PDF file can use password protection to limit user access to the file (document contents are encrypted), prevent printing, copying of text from the file, and editing the content in the document. However, the question arises as to what needs to be done if the original password created by the user has been forgotten?
Types of PDF Passwords
In the Adobe PDF standard there are two passwords you can apply to encrypt a PDF file:
The stronger the document open password the longer it will take to crack or remove with PDF password remover tools. The permissions password however can be broken trivially no matter how strong it is due to inherant weaknesses (or flaws) in the design of the Acrobat Standard Security handler. See How Secure Is PDF?
In fact, when it comes to removing PDF permissions you don’t even need to use a PDF password remover program – there are other simpler methods – see Removing PDF Restrictions below – to trivially remove the permissions password and do what you like with the document
You therefore must add a Document Open password to the PDF or the permissions password can be simply removed. However the dilemma here is that people you are sending protected PDF documents to need to have the Document Open password in order to read them. So the only protection provided is if someone (i.e. an unauthorized user) gets hold of a protected PDF, not knowing what the password is. But even here PDF password remover companies provide PDF cracking tools that will remove the Document Open Password unless it is very strong.
Types of PDF Password remover tools & technology
If you are looking at PDF password remover tools for your legitimate use (to unlock PDF files that you have forgotten the password for) then you will need to exercise a great deal of caution with freely available password remover tools. Most password remover tools that are free require the user to download irrelevant software onto their computer. Some PDF password remover tools, for example a well known password remover software known as “PDF Unlocker”, gets the user to install unnecessary plug-ins and browser toolbars in order to use the tool. It is important to be highly cautious while downloading such tools, as often these additional extensions and plug-ins are nothing but completely unnecessary bloatware that slow down computer performance.
Current cracking tools use several techinques to remove a PDF User password and unlock PDF files:
To remove PDF password protection from a PDF file, look into some of these safe PDF password remover tools:
All of the PDF password remover tools can easily remove the Permissions password (and thus the document restrictions) in seconds.
However the document open password may be harder to remove depending on the strength of the password used (length and character combination) and the encryption algorithm. In order to remove the PDF document open password you will have to purchase PDF password remover software as freeware only lets you remove the permissions password (removes PDF restrictions). Some companies such as Elcomsoft specialize in PDF password remover tools using various methods such as dictionary attacks and brute force to eventually crack the password.
Be wary of PDF password remover tools that offer an online service because you have to upload your PDF file to their servers and it is decrypted there. If you have confidential information stored in the PDF you may therefore want to consider PDF password remover software that you install on your computer.
Remove protection from PDF files – is it that easy?
A well-known technology website offered technical experts the opportunity to crack a 10,000+ entry-encrypted password document and asked them to breach into the security of the file. The winner of the project was able to get over 95 percent of the entries while the other participants were able to crack 75 percent, in just a matter of few hours. How the ‘crackers’ did it was through the unfortunate and irresponsible use of non-randomized passwords by the account holders. Some of the commonly used passwords in the encrypted file included “123456,” “1234567,” “password,” hello123,” “hello1,” “admin” etc.
Locking PDF documents with passwords is an extremely sensitive concern given the value and importance of the contents contained within them. Having said that, it is also important for users to be extremely cautious when sharing PDF files and documents amongst one another, as this may cause documents to be inadvertently leaked to unauthorized parties. There have been cases where even after much caution; documents have fallen into unintended hands. This is why it is extremely significant to integrate additional safety measures to documents in addition to strong PDF passwords.
Unlocking password protected PDFs is more likely if the password protecting them is simple and weak – PDF documents are only as safe as the passwords that are safeguarding them. To prevent the data breach of a PDF file, make use of passwords that are more than seven characters long and that also include at least one number and one special character. Experts widely agree that simple words such as a straight dictionary word should not be used. Also, refrain from using short length passwords. See PDF Password Tips.