PDF-XChange Viewer didn't prompt to enter password

BloodLust
User
Posts: 2
Joined: Tue Feb 05, 2008 6:28 am

PDF-XChange Viewer didn't prompt to enter password

Post by BloodLust »

I created a PDF file with "eDocPrinter PDF Pro Ver 6.16 Build 3902-3898" and protected the PDF file with a password. When I open the PDF file with Adobe Acrobat Reader 8.1.0, Adobe Acrobat Reader will prompt with a dialog window and ask for the password to open the file, but PDF-XChange Viewer won't. I can open the file without any password. Please help to figure out what's going on.

You can find the PDF file in the attachment. Thanks for your help.
Attachments
Test.7z
PDF file requiring a password to open
(17.49 KiB) Downloaded 117 times
Lzcat - Tracker Supp
Site Admin
Posts: 677
Joined: Thu Jun 28, 2007 8:42 am

Re: PDF-XChange Viewer didn't prompt to enter password

Post by Lzcat - Tracker Supp »

This is because a PDF requires two passwords - one for opening the document (user password), and another to change document permissions (owner password).

Both allow the opening of the PDF file and it is the responsibility of the application to handle this.

Adobe treat the empty owner password as not acceptable, however the PDF specification does not restrict this.

In your file you set a password to open the document but don't set a password to change permissions (the owner password is empty). So according to the pdf specification your file can be opened with an empty password (again, Adobe accept an empty user password, but not the owner one, when other applications may treat this in a different way).

If you want to make sure that your file will always be secure - set both passwords to avoid any ambiguity in how the file may be treated by differing applications.
Victor
Tracker Software
Project manager

Please archive any files posted to a ZIP, 7z or RAR file or they will be removed and not posted.
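
Why an empty owner password leaves the file open, as an added example (not part of the original thread and not Tracker's or eDocPrinter's code): in the standard security handler the /O entry is the padded user password encrypted under a key derived only from the owner password, so with an empty owner password that key is a public constant. The sketch assumes revision 2 (40-bit RC4) and a producer that derived /O from an empty owner string, as the answer above describes; all function names and sample passwords are constructed for illustration.

```python
import hashlib

# Password padding string defined by the PDF standard security handler.
PAD = bytes.fromhex(
    "28bf4e5e4e758a4164004e56fffa0108"
    "2e2e00b6d0683e802f0ca9fe6453697a"
)

def pad(password: bytes) -> bytes:
    """Truncate or pad a password to exactly 32 bytes."""
    return (password + PAD)[:32]

def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4; encryption and decryption are the same operation."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def owner_key(owner_pw: bytes) -> bytes:
    """Revision 2 key for /O: first 5 bytes of MD5(padded owner password)."""
    return hashlib.md5(pad(owner_pw)).digest()[:5]

def compute_o(user_pw: bytes, owner_pw: bytes) -> bytes:
    """/O entry as written at creation time (revision 2)."""
    return rc4(owner_key(owner_pw), pad(user_pw))

def empty_owner_password(o_entry: bytes, min_pad: int = 4) -> bool:
    """Audit check: True if /O decrypts under the empty owner password to a
    well-formed padded password, i.e. no secret is needed to open the file."""
    block = rc4(owner_key(b""), o_entry)
    return any(block[n:] == PAD[:32 - n] for n in range(32 - min_pad + 1))

# Constructed sample values, not taken from the attached Test.7z.
WEAK_O = compute_o(b"open-sesame", b"")
STRONG_O = compute_o(b"open-sesame", b"a-separate-owner-secret")
```

Revision 3 and later add 50 extra MD5 rounds and 19 extra RC4 passes to the same construction, which changes the arithmetic but not the conclusion.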
BigMike
User
Posts: 307
Joined: Wed Nov 07, 2007 10:07 am

Document passwords

Post by BigMike »

Hi, I just read in the PDF-XChange Viewer postings this answer on a question, why password protection isn't working.
Re: PDF-XChange Viewer didn't prompt to enter password
by Lzcat on Fri Jul 04, 2008 6:57 am
This is because PDF require two passwords - one for open document (user password), and other to change document permissions (owner password). Both of them allow open PDF file and it is responsibility of program to handle this. Adobe treat empty owner password as not acceptable, however PDF specification do not restrict this. In your file you set password to open document but don't set password to change permissions (owner password is empty). So regarding pdf specification your file can be opened with empty password (again, Adobe accept empty user password, but not owner one, when other applications may treat this in different way). If you want make sure that your file will be secured always - better set both passwords.
May I propose to change the corresponding strings in the PDF-XChange printer driver and PDF-Tools! At the moment it's "Password Required to Open the Document:"
I'd suppose because of this text, that anyone who wants to read this document, will have to enter this password, if I don't set an owner password.
But in fact, you can only specify another password if you want users to be able to read this document but not allow to change it.
I think you should point out somehow, that also an owner password has to be set, to grant the password protection in all available viewers.

Regards, Mike
John - Tracker Supp
Site Admin
Posts: 5219
Joined: Tue Jun 29, 2004 10:34 am
Location: United Kingdom

Re: Document passwords

Post by John - Tracker Supp »

Hi Mike,

The problem is - what text to use - also bearing in mind we have to translate into a variety of languages - it has to be concise - but explanatory - not so easy to do.
If posting files to this forum - you must archive the files to a ZIP, RAR or 7z file or they will not be uploaded - thank you.

Best regards
Tracker Support
http://www.tracker-software.com
John - Tracker Supp
Site Admin
Posts: 5219
Joined: Tue Jun 29, 2004 10:34 am
Location: United Kingdom

Re: Document passwords

Post by John - Tracker Supp »

On reflection and to avoid confusion - we will treat this as Adobe do in our Viewer also, so from build 39, such files will require a password for viewing - even if only the user password is set.

HTH

Best regards
Tracker Support
http://www.tracker-software.com
BigMike
User
Posts: 307
Joined: Wed Nov 07, 2007 10:07 am

Re: Document passwords

Post by BigMike »

"On reflection and to avoid confusion - we will treat this as Adobe do in our Viewer also, so from build 39, such files will require a password for viewing - even if only the user password is set."
This might avoid confusion for people using the Adobe Reader and PDF-XChange Viewer, but I think it's definitely no solution for the problem. And what about people using the PDF viewer XY, which allows opening those documents without password and when they try to open it with PDF-XChange Viewer, they are prompted for a password? Then you'll get the questions the other way round!

Please consider my opinion on this:
If the specification allows opening the PDFs without password, you should allow it too.
Document passwords and encryption are there to ensure, that nobody can read the document if the author doesn't want him to. But pretending security, where actually there is no, is the totally wrong way to reach this goal and goes into the converse direction in my eyes.

First thought should go to the authors of secured documents.
After creating their document, they may test it with one or two viewers, to see if it's displayed as they want. If these viewers prompt for a password, they will feel sure, that nobody can read the information without the password.
An author might publish such a document with confidential information and anyone out there can read it using the "right" viewer. (And if the specification allows it, there'll always be the "right" viewer and people, who want this information will know where to get it). The goal of password protection is missed: Anyone can read the document! Even worse: The author is sure his document is protected, so his future documents won't be secured, too.
Maybe he's lucky - one of his readers uses a viewer, which doesn't ask for a password and this user tells him, that there's a big problem with the security of his documents. At least future documents would be more secure...
But if most viewers ask for a password, it's even more unlikely to happen that anyone gets aware of the problem...

If the author had used PDF-XChange Viewer for example, to test his document and he wasn't prompted for a password to view, he would have been probably confused, because Adobe Reader does, but you can be sure, the confidential information wouldn't be published, the goal of password protection is reached!
He'd probably search the help or ask in a forum like this and get the necessary help to make all his future documents really secure.

Because of this reason, I think other viewers should handle these documents as PDF XChange Viewer does and not the other way round! But you can't change other viewers, so here's the wrong place to post this...

This is a problem at creation time of a document, at the time the document is viewed it's already too late. The viewer shouldn't try to conceal the weaknesses of the creation software or the (publicly available!!) document specification in this case! Security of confidential information goes over ease of use or expected behaviour of the software!
I'm not using PDF-XChange Viewer because it does things like Adobe Reader does - I'm using it, because it does things better!!
"The problem is - what text to use - also bearing in mind we have to translate into a variety of languages - it has to be concise - but explanatory - not so easy to do."
I see your problem, a solution which came to my mind and doesn't require any text change was for example:
- switch the checkboxes and fields for owner and user password
- disable the user password checkbox and field, when no owner password is used
- when the user checks the owner password checkbox, enable the user password checkbox
- when the user unchecks the owner password checkbox, uncheck and disable the user password checkbox

This should make sure, that a user password can only be set, if an owner password is set, too!

A solution with an additional text could look like this: Add simply a label with text:
"Warning: Any of the passwords will open the document. To make sure, that a password is queried, you have to set both!"

Also combining the two solutions may be a good idea, so that nobody would leave the owner password empty.

Best Regards,
Mike
Bhikkhu Pesala
User
Posts: 1776
Joined: Tue May 29, 2007 9:29 am
Location: East London

Re: PDF-XChange Viewer didn't prompt to enter password

Post by Bhikkhu Pesala »

A valid point Mike. I agree that what PDF-XChange is doing now is safer for the reasons you state — because it shows the author that his documents are not properly protected — though I was going to comment earlier that to follow Adobe's lead was better. I even downloaded the PDF Specification document to see which of the two viewers was following the security specification, but I couldn't find a definitive answer.

I find that PDF documents produced from PagePlus X2 with no security at all were shown as expected in PDF-XChange, but in Adobe Reader I found that commenting was not allowed and document assembly was not allowed. Again, PDF-XChange does what I expected here.

It's all rather confusing for non-experts. It would be helpful if PDF-XChange would offer some warning to users if a document with a User password could be opened in other viewers because a password is not set, or that a document cannot be commented on in other viewers because no permissions have been set.

The attached file has a password of "Tracker" to open it, but note the different document properties shown in PDF-XChange and Adobe Reader. I did not set any master password to change permissions and passwords.
Attachments
Security Test.zip
(102.4 KiB) Downloaded 112 times
Windows 10 Home 64-bit • AMD Ryzen 5 3400G, 8 Gb
Review: http://www.softerviews.org/PDF-XChange.html