NORTH AMERICA:  
844 569 7907
UK & EUROPE:  
+44 (0)7380 274238

How to encrypt a PDF securely

in , , ,

What’s the best way to encrypt a PDF: Adobe Acrobat, Word, or PDF DRM encryption software?

How to encrypt a PDF using Adobe, Word, online tools and PDF DRM.  How good is password protection for PDF encryption, how to send encrypted files via email, and what encryption software is best for business?

  PDF encryption

Encryption is a part of daily life on the internet, being used to protect information both in transit and at rest.  But when it comes to the protection of documents, we are woefully lax.  In most scenarios, documents are saved and shared completely unencrypted and therefore accessible to anybody who can get their hands on them.

To combat this, we have PDF encryption, which uses cryptographic algorithms to turn the contents into gibberish (ciphertext) until the intended recipient provides some form of authentication – this is usually entering a password upon which the PDF file is decrypted and can then be viewed.

However, although there are many tools to encrypt PDF files, securing a document in this way isn’t as simple as you might expect.  There are various methods and software you can use to encrypt them, and not all of them are equal.  Here we cover how to encrypt PDF files with or without passwords using file encryption software, Adobe Acrobat, Word, online PDF tools and PDF DRM software.

  How to encrypt a PDF file for email

PDF encrypt with certificate vs Password

Password encrypt a PDF

You can use any of the PDF encryption software covered below to encrypt a PDF file for email.  However, if you just want to securely send a PDF then any file encryption product will do.  WinZip for example lets you zip, encrypt, and email PDF files securely in one simple step with AES 128 or 256 bit encryption.  One that encrypts a PDF with a password will provide a similar level of security as encrypting a PDF with Adobe Acrobat, Microsoft Word or similar application.  In other words, you are relying on the recipient not to share it with others, because once they have the password (you have to send them it so they can open the PDF) then they can do what they want with the PDF file.

As with all forms of password encryption you have to also give the password to the recipient so you need to find a secure way to do this and also manage a list of passwords for each PDF you encrypt.

Encrypting a PDF with Winzip

PDF encrypt with certificate

A more secure form of encryption is using PGP software such as FileAssurity OpenPGP or similar.  This is because it uses digital certificates rather than password entry.  You encrypt a PDF using a person’s public key and then send the encrypted PDF to them just like any other file attachment.  Only the person with the matching private key can decrypt it.

However, once the PDF is decrypted, again users can do what they want with it.

Encrypting a PDF with FileAssurity OpenPGP

Many companies provide dedicated email encryption software that integrates with your email application (usually via a plugin) or provide a web mail interface to enable you to encrypt both message text and attachments.  Some use passwords and others such as ProtonMail use PGP encryption for advanced security.

PDF email encryption with ProtonMail

Some secure email systems enable you to stop forwarding of emails, apply an expiration date, and add a watermark by only allowing users to open emails in a browser viewer.  However, like all browser based viewers they provide weak security – they don’t stop users taking screenshots, printing, etc.

A more secure way to encrypt a PDF file for email is to use PDF DRM software.  That way you can ensure only the intended recipient can use it and control how it can be used (e.g. stop it being edited or printed).

  How to encrypt a PDF with Adobe Acrobat

One of the most popular methods to encrypt a PDF is using Adobe Acrobat software.  Adobe is the most well-known name in the PDF reader industry and admittedly it makes it very easy to encrypt a PDF.  This typically requires the paid version of the software.

After opening a PDF with Acrobat, all you need to do is choose Tools in the top bar, then select Protect > Protect > Protect using Password.

Encrypting a PDF with Adobe Acrobat

Totally useless security

You can also apply restrictions to limit how the PDF is used, such as stopping editing and printing.  However, don’t waste your time doing so – they are completely useless because some PDF Readers don’t enforce them and they can also be trivally removed by free password removal software.

Obviously, the main downside of Adobe PDF encryption is that Adobe encrypts the PDF with a password which users can give to others, or just remove it.  There are a wide range of free tools that can crack Adobe PDF passwords and encryption, making bypassing it a google search away.

So, while Adobe encryption (and any other PDF encryption that uses passwords) may prove to be convenient for encrypting a PDF, users can easily remove passwords and restrictions and view and modify the contents.

You can of course use certificates in Adobe Acrobat rather than password encryption.  However, that just solves the problem of secure key exchange (i.e. transmitting the password to the recipient) – once the recipient has decrypted the PDF they can save it as an unprotected file and remove all restrictions.

  How to encrypt a PDF with Microsoft Word

If you don’t have Adobe Reader, it’s possible to encrypt a PDF in Microsoft Word.  After you create your document, select File > Export > Create PDF/XPS Document > Create PDF/XPS.

Encrypting a PDF with Word

When you’re saving it in File Explorer, click the Options button, then tick Encrypt the document with a password and press OK.

As you can imagine, this has many of the same issues of protecting a PDF with Acrobat – i.e. it is totally useless.  As it is password-based, the document can be opened via brute force attack, using tools like PassFab, or by simply changing the file type and deleting the password setting.

  How to encrypt PDF online

If you don’t want to rely on installed software, or are unable to install new programs, you can encrypt a PDF online using a variety of tools.  Online hosted PDF encryption software can be paid for or free (usually with restrictions over use), but all enable you to encrypt PDF files online rather than having to install PDF Editing software.  Perhaps the most popular is from Smallpdf, but there are also offerings from PDF2Go and Adobe.

Adobe for example let you encrypt a PDF online for free but you cannot apply PDF document restrictions to stop printing, copying, editing, etc.

Encrypting a PDF online with Adobe Acrobat

Other companies such as CleverPDF or DeftPDF let you encrypt a PDF online for free and let you apply PDF restrictions to prevent printing and copying of content.

Encrypting a PDF online

After visiting one of the sites, you can simply drag and drop your PDF to the “Choose file” box, or browse to it with File Explorer.

Again, though, you’ll be asked to encrypt the PDF with a password, which makes it inherently vulnerable.  On top of that, you’re uploading potentially sensitive information to a third-party server.  You’ll therefore be unable to independently verify whether or not your file is stored and misused, and whether any metadata is left behind.

Further, while some online PDF encryption software has separate printing, viewing, copying, and editing controls, most don’t.  The ones that do suffer from the same security issues as Adobe, in that restrictions can be trivally removed.  They also lack advanced functionality such as the ability to expire a PDF after a certain period, revoke document access after the password has been shared, or track who is opening the document.

The problem however with all these online PDF encryption software tools is that they use passwords for protection, which can be easily removed with password recovery software.  Also, you have to give the password to whoever you want to open the PDF file, and once they have that they can remove it and/or give it to others without your knowledge.

Another problem with encrypting PDF files with passwords is that you have to manage them.  If you have a lot of PDF files to encrypt then using passwords can be a significant management overhead as you will have to manage a list of PDF documents and their passwords.  You will also need to have some type of password recovery system in place for when users forget them.

  Encrypting a PDF without passwords using DRM

The final and most secure option is encrypting a PDF using PDF DRM software.

These are more expensive than password encryption applications, but are much more secure and tend to offer a range of document controls to restrict PDF editing, disable printing, stop copying, block screenshots, add expiry and revoke document access.  The best PDF DRM solutions are much more secure than password alternatives because they use key-based licensing to assure only authorized users can access a document, and transparent key management so that users never know what the encryption/decryption key is.  There is no user interface to the encryption system so users don’t have to enter anything to open an encrypted PDF file – they are either authorized to do so or not.

You should be aware that some secure data room systems advertise as PDF DRM solutions but they use passwords for authentication – this provides weak security since users can share their login credentials with others and therefore your PDF files.  They can also print to unprotected PDF files if printing is allowed. Other controls to stop copying, printing, etc. can often be bypassed because they use JavaScript, which users can modify in the browser. For an example of how insecure JavaScript-based browser controls are, see how easy it is to bypass Google Docs security.

The process to encrypt a PDF with a DRM solution naturally varies depending on the software.  For most, though, it’s as simple as right clicking on the PDF in Windows File Explorer and selecting the relevant option from the list.
protect pdf file

PDF encryption with Safeguard PDF Security

PDF encryption options

After choosing the terms of access and other controls, you can publish the PDF as a separate, encrypted PDF document and share it as necessary.  Locklizard also enables you to compress a PDF securely to to reduce file size when sending it via email or chat.

  How good is Password Protection for PDF encryption?

It depends on 4 factors:

  1. The encryption algorithm
  2. The encryption key length
  3. The password quality and length
  4. The implementation

Don’t get confused by encryption algorithms or key lengths.  Most PDF encryption software uses AES encryption which is US Gov approved, and anything with a 128-bit key length of greater will be fine.  What really counts is:

  • how long and random your password is – a 16 character random password would be sufficient and provide decent protection against brute force attacks.  If your password comprises numbers, upper and lowercase letters and symbols, it will take a hacker for example 34,000 years to crack a 12 character password (today).  However, technology is constantly evolving and we have yet to see where quantum computing will take us and how that will affect brute force attacks (hint it will become a lot quicker).  So basically, the longer the password, the better.
  • How the PDF encryption has been implemented – if this is badly and there are easy ways around the system then it will not matter how good the algorithm or key length is.  This is why PDF restrictions can be so easily removed.

Ultimately PDF password protection is no worse than any other file encryption software that uses passwords for protection.  Just make sure you are not relying on enforcing PDF restrictions to stop PDF editing, printing etc. as users can remove PDF restrictions regardless of password complexity or length.

  PDF Encryption Software

What’s the best way to encrypt a PDF?

Ultimately, the best PDF encryption software is one that does not use passwords (either entry of a password to open the PDF file or a login to an online system that enables users to share login details), but it will differ for each user since how to encrypt a PDF depends on your use case.

  1. If you’re a private user looking to hide your documents from prying eyes, Adobe PDF and Microsoft Word provide a rudimentary layer of protection.
  2. A similar logic applies to online PDF encryption software, though users should exercise even more caution as it requires interaction with a third-party server.
  3. Alternatively, you can just use standard file encryption software that will encrypt a range of file types including PDF files.  You may find this more flexible than the above options since they provide the same amount of protection but will encrypt any type of file.

All of the above PDF encryption software can only slow down the most basic attacks (requiring at least some effort to decrypt them) in situations where the investment in a DRM solution doesn’t make sense.  However, you might say they provide a false sense of security unless you trust the recipient not to share, copy or modify your PDF files.

Removing PDF passwords and restrictions

What’s the best way to encrypt a PDF for business?

In a business environment, the leak of sensitive documents can be much more damaging.  In this case, where there may be determined attackers, rogue employees, or the need to share PDF documents securely with third parties, robust DRM-based PDF encryption may be needed.

Similarly, if you are looking to sell PDF documents then you want to make sure they cannot be readily shared or pirated.  In either case you should check the following:

  • only use PDF encryption software that can be installed on your device so you don’t expose sensitive documents to a cloud server
  • use PDF encryption that cannot be easily removed – so avoid any solution that uses passwords
  • ensure that document controls are enforced for both online and offline files
  • that watermarks are permanent (watermarks applied with PDF editing software can be removed in one action) and support dynamic variables
  • that PDF files are locked to devices to prevent users sharing them with others
  • that you can change PDF security settings after distribution, such as expiry and print controls

 

So while you can encrypt PDF files using Adobe, Word and file encryption software, be aware that if the PDF encryption can be easily removed, there is not much point in using it.  And if you encrypt a PDF online you might be unknowingly exposing your documents to unintended users as well.

If you want to encrypt a PDF without passwords then take a free 15 day trial of our PDF encryption software.

Try Safeguard today

Start protecting your PDF files and documents from sharing & piracy

  ABOUT US

About Us

Our DRM Technology

Customers

Locklizard vs Competitors

Company Brochure

  CONTACT


Business Hours:
Mon – Fri: 8AM to 5PM EST
Tel (US): +1 844 569 7907
Tel (UK): +44 (0)7380 274238

© Copyright 2004-2024 Locklizard Limited. All rights reserved.Privacy Policy|GDPR Policy|Cookie Policy|SITE MAP