Security overview

The security offering has the following main elements:


Actions that can be allowed or prohibited using a Permissions password: printing the document, high resolution printing, editing real PDF content, copying or extracting content, extracting Pages, accessibility access (usually allowed), commenting, form filling, and signing and document assembly.

Digital identities (IDs)

Passwords give control over document use; their disadvantage is that you must distribute one or more passwords to recipients via e-mail, letter or phone, and these messages can be intercepted and misused. Digital IDs avoid this pitfall. A Digital ID is used when signing or certifying documents or when using Certificate Security. Power PDF can create self-signed certificates, which can also be obtained from Certificate Authorities. Security Certificates allow documents to be locked and unlocked using public keys and private keys. See Digital ID overview.


Documents signed through a Certificate Authority make it possible to verify that no changes have been made since the document was signed and assure the signer's identity. If changes were made, a comparison can show what changed. A document can be just signed using the top part of the Sign/Certify panel, or it can be signed and certified using the bottom part of the panel. This approach allows the sender to limit the changes that recipients may make to the document See Sign/Certify Panel and Signing and Certifying Documents.

You can place a signature or other identifier in a document as a stamp (that is, a type of comment), but offers no protection against later changes: create it from a hand-drawn signature, an imported image file (typically with your scanned signature) or a text that is typed in. See Handwritten Signatures.


Certificates are files that contain Digital IDs and accompanying data. These files can be used for

  • Signing documents so their authenticity can later be verified.

  • Certifying documents, so they have a verifiable signature plus a limitation on the actions a recipient may perform.

  • Protecting documents by Certificate Security; this ensures that PDF contents are protected by encryption.

For Certificate security Power PDF can create self-signed certificates, they can also be obtained from Certificate Authorities.

Your own created Certificate file contains both your own private key plus your own public key. It must be stored in the Security Settings dialog box called from Security > IDs and Certificates > Manage Digital Identities or in the Windows Certificate Store. The file must not be shared.

Select Export Certificate to generate a Public ID file, which does not contain your private key; it contains only your public key plus associated data. This file can be distributed to partners. Such files received from partners must be stored in the Manage Trusted Identities dialog box called from Security > IDs and Certificates > Trusted Identities or in the Windows Certificate Store.

Time stamp services

These services are registered with a Time Stamp Server, and offer verification that the date and time shown in a signature really indicate the time of the signing. See: Time Stamping a Digital Signature.


Envelopes serve as containers to group together a set of attached files, which may have their own security. Security can also be applied to the envelope, setting up conditions for recipients to access all enclosed documents. See Envelopes overview .

Secure delivery

A four-step wizard is available to help you prepare documents for delivery. The steps are selecting an envelope, attaching files, applying encryption and a signature. See: Secure Delivery.

Support exists for the Microsoft Active Directory Rights Management Service (RMS). Access it through the right-most tool on the Security tab. The option functions only if your computer has an installed client component for RMS.