PDF Encryption and Passwords Explained
PDF encryption protects a document by scrambling its contents so they can only be read with the right key. Unlike a sticky note that says "please don't share," encryption is cryptographic: without the password, the bytes on disk are unreadable. PDF supports two distinct passwords that do very different jobs, and understanding the difference is the key to using PDF security well.
The two passwords
A PDF can carry a user password, an owner password, or both. They serve different goals.
User password (the "open" password)
The user password — also called the document open password — is what most people mean by "password-protecting a PDF." If a file has a user password, no one can open it without typing that password. The viewer can't render a single page until the key is supplied. This is real confidentiality: lose the password and the content is genuinely inaccessible.
Owner password (the "permissions" password)
The owner password controls what you're allowed to do with a document once it's open. A file can have no open password at all — anyone can read it — but still restrict printing, copying, or editing unless you supply the owner password. This is how a publisher lets you read a report freely while discouraging you from extracting its text or printing it at full resolution.
You can combine both: a user password to open, and an owner password to lift restrictions.
What restrictions can be set
When you encrypt with an owner password, you can toggle a set of permission flags. The common ones:
- Printing — block printing entirely, or allow only low-resolution prints.
- Copying — prevent selecting and copying text and images to the clipboard.
- Editing — stop content modification, page insertion/deletion, or rotation.
- Annotations and form filling — disallow comments, markups, or filling in form fields.
- Content extraction for accessibility — usually left enabled so screen readers still work.
These flags live inside the encryption dictionary and are enforced by the PDF viewer, not by the cryptography itself — which matters when you think about their limits below.
AES 128-bit vs 256-bit
Modern PDF encryption uses AES (Advanced Encryption Standard), the same symmetric cipher that secures HTTPS and disk encryption. The number is the key length:
- AES-128 — a 128-bit key. Strong, widely compatible, and the practical floor for serious protection. Supported by virtually every PDF reader.
- AES-256 — a 256-bit key, introduced with PDF 2.0 (and PDF 1.7 extensions). It's the stronger choice and is what you want for sensitive material. Very old viewers may not support it, but anything current does.
For most people the difference is academic — both are infeasible to brute-force when the password itself is strong. The real weakness is almost never the cipher; it's a short or guessable password. AES-256 protecting "1234" is no protection at all. Choose a long, unpredictable passphrase.
On pdf-edit.tech, protect-pdf applies AES encryption through Apache PDFBox's StandardProtectionPolicy. You set the password, and the document is encrypted in-memory and returned to you; nothing is stored.
The limits of PDF security
PDF protection is useful, but be honest about what it can and can't do:
- Permission flags are advisory. Once a file is open, the content is decrypted in memory. Compliant viewers honor "no copy" and "no print," but a viewer that ignores those flags can still extract everything. Restrictions deter casual misuse; they don't stop a determined user.
- A screen can always be captured. No PDF setting prevents a screenshot or a photograph of the display.
- Removing a password is not cracking it. unlock-pdf only removes protection from a file you can already open — supply the password you know, and the encryption is stripped from the output. It does not break or guess passwords on files you're locked out of.
- Encryption is not redaction. Hiding text with a black box or an overlay doesn't delete it. If you need to truly remove sensitive content, do it before encrypting — and remember the edit tool stamps overlays rather than erasing underlying text.
Used well — a strong open password, AES-256, realistic expectations — PDF encryption is a solid layer of document security.
Related tools: protect-pdf to add a password, unlock-pdf to remove one you can already open, and edit-pdf for overlay annotations.
