Encryption and PDF permissions, done right
22 October 2025 · 6 min read · Nextarp B.V.
"Password-protect the PDF" hides two very different mechanisms. Understanding them prevents a false sense of security and awkward interactions with signing.
Two kinds of password
- A user (open) password encrypts the document - without it, the content cannot be read at all. This is real confidentiality.
- An owner (permissions) password leaves the document readable but restricts actions like printing, copying or editing. These restrictions are enforced by well-behaved viewers, not by cryptography.
Choose encryption strength
Use modern AES (256-bit) rather than legacy RC4. The strength of the protection is only as good as the password, so pair it with strong, per-document secrets where confidentiality matters.
Permissions you can set
Printing (and print quality), content copying, form filling, commenting and page extraction can each be allowed or denied. Treat these as deterrents and workflow hints, not hard security.
Encryption and signing together
Order and compatibility matter: a signature must remain verifiable after encryption, and some archival profiles (PDF/A) forbid encryption entirely. Decide the combination up front - a signed, then encrypted document for a confidential contract; a signed, unencrypted PDF/A for a long-term public record.
Practical default
For sensitive delivery, AES encryption with a strong user password plus a signature gives both confidentiality and authenticity - configurable per document in DocsNG.
Related articles
- HSM, cloud KMS or local PFX: where signing keys live · Security
- eIDAS explained: AdES, QES and QSeal for documents · Compliance
- AI-assisted template authoring in Microsoft Word · Product
