PDF Security Explained: Passwords, Permissions and Encryption Levels

Understand how PDF security really works — open vs permissions passwords, RC4 vs AES, and what each actually protects against.

"Secure PDF" can mean several different things, and they offer very different levels of protection. Knowing the difference helps you choose the right one and avoid a false sense of safety.

Two kinds of password

Encryption algorithms over time

PDF encryption has evolved. Older files used RC4, which is now considered weak. Modern PDFs use AES (commonly 128-bit or 256-bit), which is strong. But here is the crucial point: the algorithm is rarely the weak link — your password is. AES-256 protecting a file whose password is "password1" offers little real security, because the password can be guessed.

Choosing a strong password

What encryption does not protect against

Encryption protects a file at rest and in transit. It does not stop someone who already has the open password from copying the content, and it does not remove sensitive data that is simply hidden behind a black box — that requires proper redaction. For metadata and hidden layers, consider flattening.

Do it locally

Whether you are adding or removing a password, doing it in your browser means the unprotected content and the password never touch a server.

Encryption strength lives in the password

It is tempting to focus on whether a file uses AES-128 or AES-256, but in practice the password is what determines real security. Strong modern encryption protecting a weak password — a single dictionary word, a birthday — can be defeated by guessing, while the same encryption protecting a long, unpredictable passphrase is effectively impassable. Spend your attention on the passphrase, not the cipher name.

The limits of permissions

PDF permissions can request that a file not be printed or copied, but these are honoured only voluntarily by the viewer. Plenty of readers ignore them outright. Treat permissions as a polite signal of intent, never as a security control. If content must not be extracted, the only real protection is to not give the recipient the means to open it in the first place.
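To see which cipher generation a file uses and which restrictions it merely requests, you can read its `/Encrypt` dictionary directly. The sketch below is an added example, not code from this guide or its tool. It relies on the standard security handler keys `/V`, `/Length`, `/CFM` and `/P` from the PDF specification. The function names and both sample fragments are constructed for illustration.

```python
import re

# /P flag values for four common permissions (bit set = allowed).
PERMS = {4: "print", 8: "modify", 16: "copy", 32: "annotate"}
CFM = {b"AESV3": "AES-256", b"AESV2": "AES-128", b"V2": "RC4", b"None": "none"}

def _num(d, key, default=None):
    m = re.search(rb"/" + key + rb"\s+(-?\d+)", d)
    return int(m.group(1)) if m else default

def encrypt_dict(pdf):
    """Bytes of the /Encrypt dictionary, or None if the trailer has none."""
    m = re.search(rb"/Encrypt\s+(\d+)\s+(\d+)\s+R", pdf)
    if m:  # usual form: indirect reference to "N G obj ... endobj"
        pat = rb"(?<!\d)" + m.group(1) + rb"\s+" + m.group(2) + rb"\s+obj(.*?)endobj"
        obj = re.search(pat, pdf, re.S)
        if not obj:
            raise ValueError("/Encrypt points at a missing object")
        return obj.group(1)
    m = re.search(rb"/Encrypt\s*<<", pdf)  # inline form: scan what follows
    return pdf[m.end():] if m else None

def audit(pdf):
    d = encrypt_dict(pdf)
    if d is None:
        return {"encrypted": False}
    v = _num(d, rb"V", 0)
    if v in (1, 2):    # RC4; key length in bits, 40 when /Length is absent
        cipher = "RC4-%d" % _num(d, rb"Length", 40)
    elif v in (4, 5):  # crypt filters name the method in /CFM
        m = re.search(rb"/CFM\s*/(\w+)", d)
        cipher = CFM.get(m.group(1), "unknown") if m else "unknown"
    else:
        cipher = "unknown"
    p = _num(d, rb"P", -1)
    return {"encrypted": True, "cipher": cipher,
            "weak_cipher": cipher.startswith("RC4"),
            # Requests only: a viewer is free to ignore them.
            "advisory_restrictions": [n for bit, n in PERMS.items() if not p & bit]}

# Constructed fragments (not real documents): an /Encrypt object plus trailer.
LEGACY = (b"7 0 obj\n<< /Filter /Standard /V 2 /R 3 /Length 128 /P -44 "
          b"/O (constructed) /U (constructed) >>\nendobj\n"
          b"trailer\n<< /Root 1 0 R /Encrypt 7 0 R >>\n")
MODERN = (b"9 0 obj\n<< /Filter /Standard /V 5 /R 6 /Length 256 /P -3904 "
          b"/CF << /StdCF << /CFM /AESV3 /Length 32 >> >> "
          b"/StmF /StdCF /StrF /StdCF >>\nendobj\n"
          b"trailer\n<< /Root 1 0 R /Encrypt 9 0 R >>\n")
```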

Layering protections sensibly

Security is rarely one setting. A confidential document might be encrypted with a strong open password for transport, have genuinely sensitive passages removed by redaction rather than hidden, and be flattened to strip stray metadata and annotations. Each addresses a different threat: encryption protects the file in transit, redaction protects against extraction, flattening protects against accidental leakage.

Frequently asked questions

Is AES-256 much safer than AES-128 for PDFs?

Both are strong. Your password matters far more than the difference between them — a weak password undermines either.

Do PDF permissions actually prevent printing or copying?

Only if the viewer chooses to honour them. Many ignore permissions, so they are not reliable protection.

What's the weakest part of PDF security?

Almost always the password. Use a long, unique passphrase and share it through a separate channel.

How do I protect against hidden data leaks?

Use proper redaction for sensitive content and flatten the file to remove stray metadata and annotations.

Matching the protection to the threat

Good security starts by naming what you are actually worried about, because each concern has a different answer. If the worry is that the wrong person opens the file, encryption with a strong open password is the control. If the worry is that someone who can open it extracts sensitive passages, no password helps — you must remove that content with redaction before sharing. If the worry is accidental leakage through metadata, comments or hidden layers, flattening the document strips those. If the worry is long-term readability rather than secrecy, that is an archiving question answered by PDF/A, not security at all. Many real documents involve several of these at once, and the right response is to layer the matching controls rather than hoping a single setting covers everything. Above all, remember that the strongest cipher protects nothing if the password is weak or shared carelessly, so the discipline of long passphrases and separate-channel sharing underpins all of it.
