Password security options
The following security options are located in the Password Security dialog box. These
options also appear if you change security options while using Acrobat Distiller to create a
PDF document. Many of these options are available when you create security policies.
Set the type of encryption for opening a password-protected document. The Acrobat 3.0
And Later option uses a low encryption level (40-bit RC4), while the other options use a
high encryption level (128-bit RC4). Acrobat 6.0 And Later lets you enable metadata for
searching. Acrobat 7.0 And Later lets you enable metadata for searching and encrypt only
Be aware that anyone using an earlier version of Acrobat cannot open a PDF document
with a higher compatibility setting. For example, if you select Acrobat 7.0 And Later
compatibility for a document's security setting, the document cannot be opened in Acrobat
6.0 or earlier.
Encrypt All Document Contents
Select this option to encrypt the document and the document metadata. If this option is
selected, search engines cannot access the document metadata.
Encrypt All Document Contents Except Metadata
Select this option to encrypt the contents of a document but still allow search engines
access to the document metadata. (For details on adding metadata to a document, see
Editing document metadata.)
Encrypt Only File Attachments
Select this option to require a password for users to open file attachments. However, users
can open the document without a password.
Require A Password To Open The Document
Select this option and type a password in the Document Open Password box to prevent
users from opening the document unless they type the password you specify. This option
is unavailable if the Encrypt Only File Attachments option is selected.
Document Open Password
Specify a password to help prevent users from opening the document (or document
attachments) unless they type the password you specify. This option isn't available when
Encrypt Only File Attachments is selected.
File Attachments Open Password
Specify a password to help prevent users from opening the document attachments unless
they type the password you specify. This option appears only when Encrypt Only File
Attachments is also selected.
Select the Use Permissions Password To Restrict Editing Of Security Settings option, and
specify a Permissions password to restrict users from printing and editing. Users cannot
change these security settings unless they type the Permissions password that you specify.
You cannot use the same password used for the Document Open password.
Specify the quality of printing for the PDF document:
Not Allowed prevents users from printing the document.
Low Resolution lets users print the document at no higher than 150-dpi resolution.
Printing may be slower because each page is printed as a bitmap image. This option is
available only if the Compatibility option is set to Acrobat 5.0 And Later or a later
High Resolution lets users print at any resolution, directing high-quality vector output to
PostScript and other printers that support advanced high-quality printing features.
Define which editing actions are allowed in the PDF document:
None prevents the user from making any changes to the document that are listed in the
Changes Allowed menu, such as filling in form fields and adding comments.
Inserting, Deleting, And Rotating Pages lets users insert, delete, and rotate pages, as well
as create bookmarks and thumbnail pages. This option is available only if a high
encryption level is selected.
Fill-in Form Fields And Signing lets users fill in forms and add digital signatures, as well
as allowing the actions in the previous option. This option doesn't allow users to add
comments or create form fields. This option is available only if the Compatibility option is
set to Acrobat 5.0 And Later or a later Acrobat version.
Commenting, Filling In Form Fields, And Signing lets users fill in forms and add digital
signatures and comments.
Any Except Extracting Pages lets users change the document using any method listed in
the Changes Allowed menu.
Enable Copying Of Text, Images, And Other Content
Lets users select and copy the contents of the PDF document. It also lets utilities that need
access to the contents of a PDF file, such as Acrobat Catalog, get to those contents. This
option is available only if the Compatibility option is set to Acrobat 5.0 And Later or a
later Acrobat version.
Enable Copying Of Text, Images, And Other Content And Access For The Visually
Lets visually impaired users use screen readers to read the document's contents. Users can
also copy and extract information from the document. This option is available only if
Compatibility is set to Acrobat 3.0 And Later.
Enable Text Access For Screen Reader Devices For The Visually Impaired
Lets visually impaired users read the document with screen readers. This option doesn't
allow users to copy or extract the document's contents. This option is available only if the
Compatibility option is set to Acrobat 5.0 And Later or a later Acrobat version.
Encrypting Adobe PDF files using certificates
When you encrypt a PDF file using a certificate, you specify a list of recipients and define
the recipients' level of access to the file--for example, whether the recipients can edit,
copy, or print the file. You can also encrypt a document using security policies. (See
Encrypting Adobe PDF files using security policies.)
Encrypting a document for a list of recipients begins by including your digital ID in the
list, so that you later are able to open the document. You then select the digital ID
certificates for those who you want to be able to open the document. You can obtain these
certificates from your list of trusted identities, from files on disk, from an LDAP server, or
from the Windows Certificate Store if you use Windows. After you build a list of
recipients who have access to the file, you can apply restricted permissions on an
individual basis. (See
Getting digital ID information from other users.)
Note: You can also create a security policy that stores certificate settings for easy reuse.
Creating user security policies.)
To encrypt a file and create a recipient list:
1. From the Secure menu on the Tasks toolbar, choose Secure > Show Security Settings For
2. From the Security Method menu, choose Certificate Security.
3. Select which digital ID you want to use, and then click OK. (See
Using digital IDs and
4. In the Restrict Opening And Editing To Certain Identities dialog box, do the following:
Create a recipient list for your encrypted file: Use the options at the top of the dialog box
to locate identities; then select an identity name, and click Add To Recipients List to move
that name to the Recipients list.
In the Recipients list, highlight the recipient or recipients for whom you wish to set levels
of access, and click Set Recipient Permissions. (See
Password security options.) You can
set different levels of access for different recipients. If you don't set permissions, the
recipients have full access by default.
Select Enable Plaintext Metadata if you want search engines to have access to the
document metadata, even though the document contents are encrypted.
From the Encryption Algorithm menu, choose 128-bit AES or 128-bit RC4. If you select
128-bit AES, Acrobat 7.0 or Adobe Reader 7.0 is required to open the document.
5. Click OK to implement your settings, and then click OK again. Save and close the
When someone from your recipient list opens the PDF document, the security settings you
specified for that person are used.
To change the security settings for an encrypted document:
1. From the Tasks toolbar, choose Secure > Show Security Settings For This Document.
2. In the Security panel, choose Change Settings.
3. Do any of the following, and then click OK:
To check a recipient's trusted identity, select the recipient, and then choose Recipient
To remove recipients, select one or more recipients, and then choose Remove from List.
Do not remove your own certificate from this list, or you won't have access to the file
using that certificate.
To change recipients' permissions, select one or more recipients, and then choose Set
To remove security settings from a document:
1. From the toolbar, choose Secure > Remove Security For This Document.
2. If prompted, type the Permissions password. If you don't know the Permissions password,
contact the author of the document.
Encrypting Adobe PDF files using security policies
Do you often apply the same security settings to multiple PDF documents? For example,
do you encrypt documents with a certain password and set of permissions, or encrypt
documents for your accountant using a public key certificate? In Adobe Acrobat 7.0, you
can save security settings as policies that you can reuse. Security policies include the type
of security encryption, the permission settings, and information about who can open the
document or change security settings. There are two kinds of security policies:
A user policy is developed and applied by an individual user. If you apply the same
security settings to various documents, you can save time by creating a user policy and
then reapplying the user policy to documents without having to specify the security
settings each time. User policies for passwords and public key certificates are stored on
your local computer. If you have access to Adobe Policy Server, you can also create a user
policy that is stored on a policy server and is available only to the person who creates it.
An organizational policy is created by an Adobe Policy Server administrator and is stored
on a policy server to be shared by a group of users. Adobe Policy Server controls access to
PDF documents and auditing events as defined by the security policy. You can use Adobe
Policy Server if your company has purchased rights and made it available to you.
Understanding how security policies are authenticated on a server
Using Adobe Policy Server
Managing security policies
Creating user security policies
Applying security policies to a document
Removing user security policies applied to a document
Understanding how security policies are authenticated on
In addition to allowing the reuse of the same security settings, policies stored on Adobe
Policy Server have the added benefit of letting you expire and revoke documents no
matter how many copies were created or distributed, maintain accountability by auditing
who opens protected documents, and retain usage flexibility.
Security policies A. Policies are stored on the server. B. Policies are applied to the PDF
document. C. Users can open, edit, and print the document only if permitted by the policy.
The process of using server-based security policies requires four main stages:
Configuring the policy server
The system administrator of your company or group usually configures Adobe Policy
Server, manages accounts, and sets up organizational policies. For more information on
configuring the policy server, see the Adobe website.
Publishing a document with a security policy
An author creates a PDF document and applies a policy stored on Adobe Policy Server to
the document. The policy server generates a license and unique encryption key for the
document. Acrobat embeds the license in the document and encrypts it using the
encryption key. The author or administrator can use this license to track and audit the
Viewing a document with a policy applied
When users try to open the secure document in Acrobat 7.0 (or Adobe Reader 7.0), they
must authenticate their identities. If the user is granted access to the PDF document, the
document is decrypted and opens with whatever permissions are specified in the policy.
Administering events and modifying access
Using the Web Console, the author or administrator can track events and change access to
policy-secured documents. Administrators can view all document and system events,
modify configuration settings, and change access to policy-secured documents. Users may
be required to check in the PDF document periodically to continue to have access to the
Using Adobe Policy Server.)
Documents you may be interested
Documents you may be interested