PDF Passwords Explained: The Two Kinds, and How to Remove or Add One
7 min read
Two PDFs land in your inbox. The first refuses to open at all until you type a password. The second opens fine, you can read every page, but the print button is grayed out and copying text does nothing. Both files are 'password protected,' yet they behave completely differently. The explanation is that the PDF format supports two separate passwords doing two separate jobs. Once you know which one you are dealing with, everything falls into place: why some locked PDFs unlock instantly with no password, why others genuinely cannot be opened without the right one, and how to put real protection on a document of your own.
The two kinds of PDF password
The PDF specification defines two distinct passwords that can be set on a document, together or separately. They are usually called the user password and the owner password, and mixing them up is the source of most confusion about locked PDFs.
The user password, sometimes called the open password, is the one most people picture. When it is set, the document's contents are encrypted, and a reader must have the password to decrypt and display anything. Without it, the file is genuinely unreadable: pages, text, and images are all ciphertext. This is the password on bank statements, payslips, and tax documents, which is why those files demand a password every single time you open them.
The owner password, sometimes called the permissions password, does a different job. It does not stop anyone from opening or reading the file. Instead, it lets the author switch off certain actions: printing, copying text, editing, filling form fields, adding annotations. The file opens normally for everyone, but well-behaved PDF readers gray out the restricted buttons. If you have ever had a PDF that displays perfectly but refuses to print, you have met the owner password.
A document can have both at once, either one alone, or neither. The behavior tells you which case you are in: a password prompt on open means a user password; a file that opens but blocks printing or copying means an owner password only.
What restrictions actually do (less than you think)
Here is the part that surprises people: owner-password restrictions are not enforced by encryption. They are a set of permission flags stored inside the file, and it is up to each PDF reader to notice and honor them. Adobe Acrobat does; so do most mainstream viewers. But the restriction is a request to the software, not a mathematical barrier, which is why the PDF world describes these flags as advisory.
Contrast that with the user password. When an open password is set, the document body is actually encrypted, and in a modern PDF that means strong encryption such as AES. There is no flag to ignore; without the correct password there is simply no readable content to display. Older PDFs used the much weaker RC4 cipher, and very old ones used 40-bit keys that are trivially breakable today, but current tools encrypt with AES-256.
This asymmetry is the key insight of the whole topic. An open password on a modern PDF with a strong passphrase is real security. A permissions-only lock is closer to a 'please do not' sign: meaningful for keeping honest users inside the intended workflow, but not a serious barrier, and never something to rely on for confidentiality. If a document must stay private, encrypt it with an open password; do not settle for disabling the copy button.
Why restriction-only PDFs unlock without a password
This is the question people ask most, usually with some suspicion: how can a tool remove my PDF's password without me typing it? For restriction-only files, there is no secret to crack in the first place.
When a PDF has only an owner password, every reader still has to be able to open and display the file for anyone, with no prompt. That means the content is decryptable without the owner password by design; otherwise the file could not open at all. The owner password only gates the permission flags. A tool that rewrites the document without the encryption layer is not breaking anything cryptographic. It is doing what any reader already does to show you the pages, then saving the result without the flags attached.
A user password is a completely different story. The content is encrypted with a key derived from that password, so no legitimate tool can open the file without it. FileTinker's unlock tool never cracks, guesses, or brute-forces passwords: if your PDF has an open password, you must enter the correct one. Anyone promising to 'recover' a lost open password from a modern AES-encrypted PDF is either brute-forcing weak passwords or overpromising.
When removing protection is legitimate, and when it is not
Removing PDF protection sounds shady until you look at the situations where people actually need it, which are overwhelmingly mundane and about documents they already own or have every right to use.
The everyday cases look like this: a bank statement that demands your account-number-plus-birthdate password on every open, forever, even in your own archive folder. A government form you are required to fill out and return, but whose form-filling permission was switched off. An insurance document you need to print for a claim, with printing disabled. Your own old files, protected years ago with a password you still know but are tired of typing. In every one of these, you can already open the document; you are just removing friction from a file that is yours to use.
The line is easy to state: removing protection from documents you own or have rights to is legitimate; getting into someone else's protected file is not, and for open-password files it is also not possible, because the tool requires the correct password. Unlocking does not grant any access you did not already have; it converts access you have into access without the ceremony. If a document's author restricted it and you are unsure you may lift that restriction, ask them rather than route around it.
How to remove a password or restrictions in your browser
FileTinker's unlock-pdf tool handles both kinds of protection, and it runs entirely on your own machine. Under the hood it uses qpdf, a well-established open-source PDF engine, compiled to WebAssembly so it executes inside your browser tab. Your file is never uploaded anywhere, which matters enormously here: the PDFs people unlock are precisely the sensitive ones, and sending them to a stranger's server to be decrypted is the worst possible place for them.
The workflow depends on which password the file has. If it is restriction-only, meaning the file opens but printing, copying, or editing is blocked, just drop it in: it unlocks with no password required at all, for the reasons covered above. If the file has an open password, enter the password you normally use to open it. Enter the wrong one and you get a clear error message, not a broken output.
Either way, the result is the same document without the encryption layer: same pages, same text, same images, no password prompt and no grayed-out buttons. One follow-up worth considering: if the file carries a title, author name, or other properties you would rather not pass along, run it through the edit-pdf-metadata tool afterward to review and clean them.
How to protect a PDF properly
Protection is the mirror image, and getting it right means learning from everything above. FileTinker's protect-pdf tool encrypts your document with AES-256 using a password you choose, again entirely in your browser, so the unprotected original never leaves your machine even during the encryption step.
AES-256 is the strong, modern standard for PDF encryption, and with a good password it is effectively unbreakable by brute force. That last clause is doing all the work: an attacker does not need to defeat AES, only to guess your password. A short or guessable password undermines the best cipher in the world.
A few rules make the difference between real protection and theater:
- Use a long passphrase, not a short word. Three or four random words, or 16-plus mixed characters, pushes brute-force attacks from feasible to hopeless.
- Avoid passwords derived from the document, like a birthdate, account number, or company name. Those are the first guesses an attacker automates.
- Send the password over a different channel than the file. If you email the PDF, share the password by phone or a messaging app, never in the same email.
- Store the password somewhere durable, like a password manager. A genuinely strong open password has no recovery path; losing it means losing the document.
- Do not rely on permissions-only restrictions for confidentiality. If the content must stay private, it needs an open password with AES-256, full stop.