Acrobat Standard Security
Acrobat standard security allows you to control who can access your document and, by setting permissions, how much they can edit or print. Acrobat offers three levels of security:
- Low-level encryption (40-bit key length) — Compatible with Acrobat versions 3 and later.
- High-level encryption (128-bit key length) — Compatible with Acrobat versions 5 and later.
- AES encryption (128-bit key length) — Available only with Acrobat 8 and later.
- AES encryption (256-bit key length — available for SecurSign & APCrypt only) — Available only with Acrobat 9, X and XI.
High level encryption provides a higher level of security and finer control over security features. The minimum level of security that you can set is to allow any changes except extracting pages.
Once you set encryption on a document, it cannot be processed in other ways unless the password is available to the processing software. You can also change or remove encryption in Acrobat.
Owner and user passwords
All levels of security allow you to set passwords for the document:
- User password: controls who may view a document.
- Owner password (required): controls who may make changes to permissions and passwords securing a document.
You must set an Owner password to apply encryption. Do not use the same password for both User and Owner. If the same password is used for both, only the User password will be set.
Different versions of Acrobat use different terminology to refer to the same concepts. You’ll see more of this in High-level encryption password nomenclature as described in the following table for various versions of Adobe Acrobat:
| Type | Acrobat 7, 8 and 9 | Acrobat X & XI |
|---|---|---|
| User | Document Open | Document Open |
| Owner | Permissions | Change Permissions |
Encryption Permissions
Acrobat allows you to set various permissions to limit access to the information in the document. Adobe changes the use of permissions when they moved from 40-bit key lengths to 128-bit key lengths. The sections below detail the different options and permissions based on using 40-bit or 128/256 bit key lengths.
Note: Low and high level encryption use -nomodify and -nonotes differently.
The following is an example of the security options in Acrobat 7, 8, 9, X & XI.
Refer to Verifying Security Features for instructions on displaying the security options.
Encryption options
The table below describes low-level encryption options.
High level encryption provides additional security options as are defined in the table below.
| Type | Option | Parameter | Description |
|---|---|---|---|
| Encryption | -encrypt | Encrypt using the RC4 stream cypher (same as -rc4) | |
| -aes | Encrypt using the Advanced Encryption Standard (AES) algorithm (SecurSign & APCrypt) | ||
| -rc4 | Encrypt using the RC4 stream cypher | ||
| -keylength | 128 | Key length. Valid options are 40, 128 or 256. Default is 128. (256 bit – SecurSign & APCrypt Only) | |
| -ownerpass | oPassword | New owner password (required) | |
| -userpass | uPassword | New user password | |
| -onlyattach | Encrypt document attachments only using AES; to use the PDFas a secure envelope for the attachments (requires -userpass) (SecurSign Only) | ||
| -remove | Remove all encryption from the PDF document. (Requires -ownerpass) | ||
| -d | Password | Old owner password – (Except AppendPDF & AppendPDF Pro) | |
| Permissions | -noaccess | Do not allow accessibility (128 & 256) – (256 bit – SecurSign & APCrypt Only) | |
| -nocopy | Do not allow copying text or graphics | ||
| -noprint | Do not allow printing | ||
| -nohighres | Do not allow high resolution printing (128 & 256) – (256 bit – SecurSign & APCrypt Only) | ||
| -nomodify | Do not allow modifying the document | ||
| -nonotes | Do not allow adding or changing notes or form fields | ||
| -nofill | Do not allow filling in form fields or signing (128 & 256) – (256 bit – SecurSign & APCrypt Only) | ||
| -noassembly | Do not allow document assembly (128 & 256) – (256 bit – SecurSign & APCrypt Only) |
The first four permissions can be used in any combination, except you can’t use -noprint and -nohighres together. Choose one or the other. The last four must be used in specific combinations that Acrobat accepts.
-encrypt — Encrypt output file (optional)
Specifies applying encryption to the output file using the RC4 stream cypher. This option is the same as -rc4.
-aes — Encrypt using the AES cryptography algorithm (optional) (SecurSign & APCrypt Only)
Encrypt the output file using the Advanced Encryption Standard (AES) cryptography algorithm.
-rc4 — Encrypt using the RC4 cryptography algorithm (optional)
Specifies applying encryption to the output file.
-keylength <int> — Encryption level (optional)
Specifies the encryption key length used to encrypt the document: either 40-bit, 128-bit or 256-bit. (256- bit SecurSign & APCrypt Only)
If you do not specify key length, the default is 128-bit.
-ownerpass <password> — New owner password (required)
Specifies a new Owner password to apply encryption. An Owner password restricts you from altering the security settings. You are not prompted for a password to open the document, only if you try to change the security settings. Passwords are case sensitive and are required when applying encryption.
Choose passwords carefully. They should not be able to be guessed easily but at the same time should not be too difficult for you to remember. If you forget a password, there is no way to recover it from the document. Therefore, it is a good idea to note passwords in another secure location.
-userpass <password> — Set user password (optional)
Specifies a User password for the document. Setting a User password prevents a document from being opened unless the correct password is supplied. Passwords are case sensitive.
Below is the Document Open Password dialog box.
When someone tries to open the document in Acrobat they will be asked for the password.
User password is optional. If you do not specify a User password, anyone can open the document.
-onlyattach — Secure Envelope(optional) (SecurSign Only)
Utilize PDFs as secure envelopes; apply 256-bit AES security to PDF and non-PDF file attachments while leaving the PDF itself unencrypted.
-remove — Remove all encryption from the PDF document
Removing encryption from the PDF document requires the document owner password using -ownerpass.
-d <string> — Old owner password to decrypt the file (Not available for AppendPDF & AppendPDF Pro)
If a PDF file already has encryption set and you wish to change the settings or remove encryption (APCrypt/SecurSign only), you need to supply the owner password in order to make changes to the file.
Document Permissions
-noprint — Do not allow printing (optional)
Specifies that the document cannot be printed. When the document is opened, the print icon on the toolbar and the Print option under the file menu will be grayed out.
At the 128-bit and 256-bit encryption level there is also an option to allow low resolution printing only. See the section High-level encryption for more detail.
-nomodify — Do not allow modifying the document (optional)
Specifies that the document cannot be modified. You will not be able to modify text or pages in the document when this option is used. You can fill in form fields, or add notes or other annotations.
With -nomodify, the following tools are grayed out and cannot be used when the document is opened in Acrobat:
- Crop tool
- Movie tool
- Link tool
- Article tool
- Form tool
- Digital Signature tool
Text can be selected for copying but cannot be cut, pasted or cleared.
-nocopy — Do not allow copying text or graphics (optional)
Specifies text and graphics cannot be copied.
With -nocopy, the following tools are grayed out and cannot be used when the document is opened in Acrobat:
- Text Select tool
- Touch-Up Text tool
- Table/Formatted Text Select tool
-nonotes — Do not allow adding or changing notes or form fields (optional)
Specifies that annotations cannot be added or changed in the document. Annotations include notes, highlighted text, form fields and pencil marks. Annotations can be in text, graphic or audio format, or even attached external files.
With -nonotes, the following tools are grayed out and cannot be used when the document is opened in Acrobat:
- Notes tool
- Pencil tool
- Highlight Text tool
- Form tool
- Digital Signature tool
- Free Text tool
- Sound Attachment tool
- Stamp tool
- File Attachment
- Square tool
- Circle tool
- Line tool
-noaccess — Do not allow accessibility (optional)
Specifies content accessibility is not allowed. Content accessibility provides the vision and motion-challenged community with the tools and resources to make digital information more accessible. To learn more about content accessibility consult the Acrobat Help guide within Acrobat.
-nohighres — Do not allow high resolution printing (optional)
Specifies low resolution printing only. Acrobat prints each page as a low resolution (150 dpi) bitmap. The document cannot be recreated from these printouts.
-nofill — Do not allow filling form fields or signing fields
Specifies that no changes can be made to form fields or digital signature fields. This setting effectively prevents a filled-in form from being changed.
-noassembly — Do not allow document assembly
Specifies that no new pages can be added or removed from the PDF document. Also prevents rotating pages in the document. Effectively prevents pages being removed from the PDF document to be used elsewhere.
Permissions Allowed with 40-bit Encyption
The table below shows how the software application security options correspond to Acrobat’s security restrictions. The “Changes Allowed” column below lists the features still available after the document is secured.
| Option | Restrictions Set (Not Allowed) |
Changes Allowed |
|---|---|---|
| -nocopy | Content Copying or Extraction Content Accessibility |
|
| -noprint | Printing | |
| -nomodify -nonotes |
Changing the Document Document Assembly Authoring Comments and Form Fields Form Field Fill-in or Signing |
None |
| -nomodify | Changing the Document Document Assembly |
Commenting, filling in form fields, and signing |
| -nonotes | Authoring Comments and Form Fields | Page layout, filling in form fields, and signing |
| none | Any except extracting pages |
Permissions Allowed with 128-bit or 256-bit Encryption
Acrobat accepts certain combinations of the “Changes Allowed” options. The Changes Allowed options are:
- -nomodify — Do Not Allow Modifying the Document
- -noassembly — Do Not Allow Document Assembly
- -nonotes — Do Not Allow Adding or Changing Notes or Form Fields
- -nofill — Do Not Allow Filling In or Signing of Form Fields
The table below shows security options vs. restrictions set with high level encryption. These combinations are discussed below.
| Option | Restrictions Set (Not Allowed) |
|---|---|
| -noaccess | Content Accessibility |
| -nocopy | Content Copying or Extraction |
| -noprint | Printing |
| -nohighres | Only Low Resolution Printing is allowed |
| -nomodify -nonotes -nofill -noassembly |
Changing the Document Authoring Comments and Form Fields Form Field Fill-in or Signing Document Assembly |
| -nomodify -nonotes -nofill |
Changing the Document Authoring Comments and Form Fields Form Field Fill-in or Signing |
| -nomodify -nonotes -noassembly |
Changing the Document Authoring Comments and Form Fields Document Assembly |
| -nomodify -noassembly |
Changing the Document Document Assembly |
| none |
Allow no changes with -nomodify -noassembly -nonotes -nofill
Turning off all changes means: do not allow document modification (-nomodify), do not allow document assembly (-noassembly), do not allow the adding or changing of notes or form fields (-nonotes) and do not allow the fill-in or signing of form fields (-nofill). These options must all be used together for this setting to be made.
Allow inserting, deleting, and rotating pages with -nomodify -nonotes -nofill
This setting only allows document assembly.
These options specify: do not allow document modification (-nomodify), do not allow the adding or changing of notes or form fields (-nonotes) and do not allow the fill-in or signing of form fields (-nofill).
Allow filling in form fields, and signing with -nomodify -noassembly -nonotes
This setting only allows form field fill-in or signing.
These options specify: do not allow document modification (-nomodify), do not allow document assembly (-noassembly), and do not allow the adding or changing of notes or form fields (-nonotes).
Allow commenting, filling in form fields, and signing with -nomodify -noassembly
This setting allows the adding or changing of notes or form fields and the fill-in or signing of form fields.
These options specify: do not allow document modification (-nomodify), and do not allow document assembly (-noassembly).
Allow any except extracting pages with no options
If you don’t use any Changes Allowed options, Acrobat will allow any changes except extracting pages.
Verifying Security Features
To view the current security settings:
| Acrobat 7 | Select Document > Security > Show Security Settings for This Document, then click the Show Details… button. |
|---|---|
| Acrobat 8 and 9 | Select Advanced > Security > Show Security Properties, then click the Show Details… button. |
| Acrobat X AND XI | Select File > Properties. Click the Security tab, then click the Show Details… button. |
In the example shown below, both a User password and an Owner password are set, only low resolution printing is allowed, changing the document, content copying and extraction, authoring comments and form fields, and form field fill-in or signing are not allowed, content accessibility and document assembly are allowed and encryption is 128-bit.
