PDF security: what password protection actually does (and does not)

PDF has two different passwords — one encrypts the file, the other just sets removable restriction flags. Knowing which is which is the difference between real protection and false security.

By ScoutMyTool Editorial Team · Last updated: 2026-05-21

A colleague once sent me a "password-protected" PDF of a sensitive report, confident it was locked down — and I opened it without entering anything, because the only thing he had set was a permissions password that does not stop you reading the file. He had the false sense of security that PDF passwords are famous for, and it comes from one buried fact: PDF has two completely different passwords that people lump together as "the password." One genuinely encrypts the file; the other just sets restriction flags that anyone can ignore. Confusing them is how confidential documents end up effectively unprotected. This article untangles exactly what PDF password protection does, what it does not, and how to actually protect a sensitive file.

The two PDF passwords, side by side

| Aspect | User / open password | Owner / permissions password |
| --- | --- | --- |
| Also called | Open / document password | Permissions / owner / master password |
| What it does | Encrypts the file — needed to open it | Sets print/copy/edit restriction flags |
| Can you read it without the password? | No — content is encrypted | Yes — the document opens normally |
| Real protection? | Yes, if the password is strong | Weak — restrictions are widely ignorable/removable |
| Use it for | Keeping content confidential | A polite "please do not", not security |

What it does — and does not — do

  1. DOES: keep content confidential (open password). A strong user/open password encrypts the file with AES, so it genuinely cannot be read without the password.
  2. DOES NOT: stop reading via a permissions password. An owner/permissions password leaves the document fully readable; it only flags restrictions that tools can ignore or strip.
  3. DOES NOT: redact. Hiding or password-gating text does not remove the underlying data — it can still be extracted. Use real redaction for that.
  4. DOES NOT: prove authorship or integrity. That is the job of a digital signature, not a password.
  5. DOES NOT: control the document after you share the password. Anyone you give it to can re-save, screenshot, or re-share it unprotected.
  6. DEPENDS: strength = algorithm + password. Modern AES-256 is strong, but a weak password (or an ancient 40-bit-RC4 PDF) undermines it.
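
As an added example (not ScoutMyTool's code), the sketch below reads the restriction flags from item 2 and the algorithm from item 6 out of a PDF encryption dictionary, assuming the standard security handler's /V, /Length, /CFM and /P entries. The function names, rating labels and both sample dictionaries are constructed for illustration.

```python
import re

# Permission bits of the /P entry (bit positions are 1-based in the PDF spec).
PERMISSION_BITS = {
    3: "print", 4: "modify", 5: "copy_or_extract", 6: "annotate",
    9: "fill_forms", 10: "extract_for_accessibility",
    11: "assemble", 12: "print_high_quality",
}

def decode_permissions(p):
    """Map the signed 32-bit /P value to {permission: allowed}."""
    bits = p & 0xFFFFFFFF  # reinterpret the signed integer as a bit field
    return {name: bool((bits >> (pos - 1)) & 1)
            for pos, name in PERMISSION_BITS.items()}

def classify_cipher(v, length=40, cfm=None):
    """Return (cipher, rating); the rating words are this example's own labels."""
    if v == 1:
        return "RC4-40", "broken"
    if v == 2:
        return f"RC4-{length}", "broken" if length < 128 else "legacy"
    if v == 4:  # crypt filters: /CFM names the method
        return ("AES-128", "acceptable") if cfm == "AESV2" else ("RC4", "legacy")
    if v == 5:
        return "AES-256", "strong"
    return "unknown", "unknown"

def audit_encrypt_dict(raw):
    """Regex-based read of one /Encrypt dictionary (not a full PDF parser)."""
    def num(key, default):
        m = re.search(rb"/" + key + rb"\s+(-?\d+)", raw)
        return int(m.group(1)) if m else default
    m = re.search(rb"/CFM\s*/(\w+)", raw)
    cipher, rating = classify_cipher(num(b"V", 0), num(b"Length", 40),
                                     m.group(1).decode() if m else None)
    perms = decode_permissions(num(b"P", -1))
    return {"cipher": cipher, "rating": rating,
            "denied": sorted(k for k, ok in perms.items() if not ok)}

# Constructed sample dictionaries (/O and /U values left empty).
LEGACY = b"<< /Filter /Standard /V 1 /R 2 /P -1852 /O <> /U <> >>"
MODERN = (b"<< /Filter /Standard /V 5 /R 6 /Length 256 /P -3904 /O <> /U <> "
          b"/CF << /StdCF << /CFM /AESV3 /Length 32 >> >> >>")

if __name__ == "__main__":
    for name, raw in (("legacy", LEGACY), ("modern", MODERN)):
        print(name, audit_encrypt_dict(raw))
```

The dictionary alone does not reveal whether an open password was set or how strong it is, so a "strong" cipher rating is necessary for confidentiality but not sufficient.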

How to actually protect a sensitive PDF

Once the two passwords are untangled, the right actions are clear. To keep contents confidential, set a strong open password so the file is truly encrypted, and send that password through a different channel than the file itself. To make sensitive information unrecoverable, redact it properly — delete the underlying data rather than covering it or relying on a password. To prove who signed a document, use a digital signature, not a password. And do all of this with a tool that runs on your own device, so the unprotected original is never uploaded to someone else’s server while you secure it. The mistake to retire is treating "I put a password on it" as a single, reliable act of security; it is only that when it is a strong open password, and even then only for confidentiality.

FAQ

Does putting a password on a PDF actually protect it?
It depends entirely on which of the two PDF passwords you mean, and most people do not realise there are two. The "user" or "open" password genuinely encrypts the file: without it the content cannot be read at all, so with a strong password this is real protection. The "owner" or "permissions" password is completely different — it does not stop anyone opening and reading the document; it only sets flags requesting that viewers disable printing, copying, or editing. Those flags are advisory and are trivially removed or ignored by many tools, so they provide essentially no security against anyone who cares to bypass them. So "I password-protected the PDF" can mean strong encryption or near-zero protection depending on which password was set, which is exactly the confusion this article exists to clear up.

What is the difference between the open password and the permissions password?
The open (user) password is the key to decryption: the PDF’s contents are encrypted, and you must supply the password to open and read the file at all. The permissions (owner) password does not encrypt the readable content — the document opens for everyone — and instead controls a set of permission flags such as "no printing," "no copying text," or "no editing." Crucially, a PDF can have either, both, or neither. A file with only a permissions password opens instantly for anyone and merely asks their viewer to honour the restrictions; a file with an open password is genuinely locked until you enter it. Understanding that these are two separate mechanisms — one cryptographic, one a set of honour-system flags — is the single most important fact about PDF passwords.

Why can people remove the permissions password so easily?
Because the permissions password does not encrypt the content it claims to protect — it only marks it with restriction flags, and the data needed to display the document is fully present and readable. Any tool that chooses not to honour those flags can simply ignore them, and many "unlock" tools do exactly that, lifting print/copy/edit restrictions in seconds without even needing the password. This is not a flaw that gets patched; it is inherent to how permissions work in the PDF specification. The practical takeaway is to never rely on a permissions password to keep someone from printing, copying, or editing a document you have handed them — if they can open it, they can defeat the restriction. Permissions are a courtesy signal, not a lock.

How strong is PDF encryption when an open password is used?
Modern PDF encryption is genuinely strong, but older PDFs can be weak, so the version matters. Current PDF software encrypts with AES (the Advanced Encryption Standard, the same family used across the security industry), and a file encrypted with AES-256 and a strong, unique password is, for practical purposes, secure — the encryption itself is not the weak link. The weak link is the password: a short or common password can be guessed or brute-forced regardless of how good the algorithm is, so the protection is only as strong as what you choose. Note too that very old PDFs used weaker, now-broken schemes (40-bit RC4 and similar), so a decades-old "encrypted" PDF may not be safe by today’s standards. Strong algorithm plus strong password equals real security; either one weak undermines it.

What does PDF password protection NOT do, even with encryption?
Several things people assume it covers. It does not prove who created or signed the document — that is what digital signatures are for, not passwords. It does not redact: hiding text behind a black box or a password does not remove the underlying data, which can still be extracted, so password-protecting a document is not a substitute for proper redaction of sensitive content. It does not protect against someone you have given the password to — once they can open it they can re-share, screenshot, or re-save it without protection. And a permissions password, as covered, does not really restrict anything. Encryption with a strong open password does one job well — keeping content confidential from those without the password — and you should not expect it to do the other jobs that need signatures, redaction, or rights management instead.

So how should I actually protect a sensitive PDF?
Match the tool to the real goal. To keep contents confidential, set a strong open (user) password so the file is genuinely encrypted, and share the password through a separate channel from the file. To remove sensitive information so it can never be recovered, redact it properly (delete the underlying data), do not just cover or password it. To prove authenticity or integrity, use a digital signature, not a password. And do the protecting with a tool that works on your own device, so the unprotected file is not uploaded to a third-party server in the process — ScoutMyTool’s PDF tools run client-side for this reason. The right combination depends on the threat, but the starting point is knowing that a password is for confidentiality via encryption, and only when it is the open password.
