Complete Guide to PDF Security in 2025
PDF Passwords and Encryption
PDFs support two types of passwords: an open password (needed to open the file) and a permissions password (restricts printing, copying and editing). Both use AES-256 encryption in modern PDFs.
To add real password protection, use PDF24 (Windows, free) or macOS Preview (File > Export as PDF > Security). Browser-based tools cannot apply true encryption due to JavaScript security constraints.
Watermarks as Visual Security
Watermarks deter unauthorised copying and clearly identify document status. Use DocMind Watermark PDF to add custom text watermarks. Try the "Tiled" option for full-page coverage that makes screenshots difficult to use.
Redacting Sensitive Information
Redaction permanently removes sensitive text or images from a PDF. Simply drawing a black box over text is NOT secure — the text is still in the file. True redaction requires dedicated tools like Adobe Acrobat Pro or PDF24's redaction feature.
PDF Security Best Practices
- Use strong passwords (12+ characters, mixed case, numbers, symbols)
- Store passwords in a password manager, not in the document name
- Use watermarks on all documents shared outside your organisation
- Always compress and finalise PDFs before adding password protection
- Test that recipients can open the file with the password before sharing