Unlock PDF

About PDF Unlocker

This tool removes password protection from PDF files. If you know the password, you can unlock the PDF and save a new copy without any password restrictions. All processing happens in your browser for complete privacy and security.

Is it legal to remove a PDF password I forgot?

Removing a password from a PDF you legitimately own — a bank statement you can no longer access, a document you encrypted years ago, a manual you bought — is legal in virtually every jurisdiction. What matters is ownership and authorisation, not the technical act of removing encryption. Where the line gets crossed is removing passwords from files you do not own, files you obtained without authorisation, or files where the owner has explicitly restricted copying or printing for IP-protection reasons. This tool is designed for the first category: you provide both the file and the password you know, and the tool produces an unlocked copy. If you do not know the password, the tool cannot recover it — it does not perform brute-force cracking, and any service that claims to do so for free should be treated with deep suspicion.

What's the difference between user password and owner password protection?

Acrobat-style PDFs support two distinct passwords. The user password (also called the open password) prevents anyone from opening the file at all — without it, the content is encrypted and unreadable. The owner password (also called the permissions or master password) lets the file be opened freely but restricts operations like printing, copying text, modifying, or adding annotations. Both are stored in the same Encrypt dictionary and use the same underlying cipher (RC4 40-bit, AES 128-bit, or AES 256-bit depending on the PDF version). This tool can remove either kind if you supply the correct password. Removing an owner password produces an output with no restrictions, identical in content to the input but freely printable and copyable.

How does PDF encryption strength compare across 40-bit, 128-bit, and 256-bit?

PDF 1.1–1.3 used RC4 40-bit, which by 2026 standards is trivially breakable by a desktop computer in seconds — it survives only for backwards compatibility with very old readers. PDF 1.4–1.6 introduced RC4 and AES at 128-bit, which is still considered safe for most purposes; brute-forcing a 128-bit key would take longer than the age of the universe with current hardware. PDF 1.7 Extension Level 3 (and PDF 2.0) added AES 256-bit with a stronger key derivation function (PBKDF2 with SHA-256), which is the current gold standard and matches the encryption used in modern HTTPS and disk encryption. If you are protecting sensitive documents today, always pick AES 256-bit; the file size and CPU overhead are negligible on modern devices.

Will unlocking change the visible content of my PDF?

No — unlocking only removes the Encrypt dictionary and rewrites the cross-reference table; every page object, font, image, and annotation is preserved exactly. The visible content, page count, page size, embedded fonts, OCR text layer, bookmarks, and form fields are byte-for-byte equivalent to the original. The unlocked output may be a different file size because removing the encryption layer also strips a small encryption header (a few hundred bytes) and the cipher's per-stream padding (a few bytes per object). DocumentID is regenerated, which is correct PDF spec behaviour because the unlocked file is technically a new document version. Hashes and digital signatures on the original file no longer match the output — by design — so re-sign after unlocking if signatures matter.

Are my files uploaded to a server when I use this tool?

No — this tool runs entirely in your browser using pdf-lib, which means the file is read, decrypted, and rewritten using only your device's CPU and memory. Nothing is ever sent over the network. You can verify this by opening your browser's network tab in DevTools (F12) before clicking Unlock — you will see zero outgoing requests carrying the file's bytes. This client-side architecture is essential for the legitimate use cases (your own bank statements, payslips, contracts, medical records) where uploading the sensitive document to a third-party server would defeat the purpose of having a password on it in the first place. Even Anthropic, Google, or your IT department cannot intercept what is never transmitted.

Can the tool unlock PDFs with public-key encryption (certificate-based)?

Standard password-based encryption is supported. Public-key (certificate) encryption, used in enterprise document distribution where each authorised recipient has a different X.509 certificate and the file is encrypted to a list of recipient keys, is more complex and not supported by this browser tool. For certificate-encrypted PDFs you need a full Adobe Acrobat installation (or qpdf with the matching private key) configured with your certificate and private key in the local trust store. The same applies to PDFs protected by Adobe LiveCycle Rights Management (now Adobe Experience Manager Document Security), which uses online policy server checks — unlocking those requires going through the policy server with valid credentials, not a client-side bypass.

How do I tell if a PDF is using AES 256-bit vs older encryption?

Open the PDF in Adobe Acrobat or any modern reader, go to File → Properties → Security tab; it shows the encryption algorithm and key length. From the command line, `qpdf --show-encryption file.pdf` prints the algorithm, R (revision: 2 = RC4-40, 3 = RC4-128, 4 = AES-128, 5/6 = AES-256), the user/owner key data, and the bit-by-bit permission flags. Inside the file itself, the Encrypt dictionary contains V (algorithm version, 1–5), R (revision), Length (key length in bits), and CF (crypt filter) entries that pin down the cipher exactly. PDF 2.0 files use V=5 R=6 by default, which is AES-256 with SHA-256 password hashing; PDF 1.7 files commonly use V=2 R=3 (RC4-128) unless explicitly upgraded.

If the PDF has both user and owner passwords, do I need to provide both?

You need to provide the one that grants you the level of access you want to remove. Provide the user password if you only know that one — the tool will then have full content access and can strip both layers in the output. Provide the owner password if you want to remove printing/copying restrictions on a file you can already open. Some tools accept only the user password, but pdf-lib accepts either: it tries the supplied password against both slots and uses whichever validates. If you supply the wrong password, the tool returns an error and no output file is produced — there is no partial unlock. The original file is never modified on disk; the output is always a separate file you can compare against.