PDF Password Remover
Remove PDF password protection online for free. Unlock your PDF instantly.
Advertisement
Drop a protected PDF here
PDF files only
Advertisement
Adobe Acrobat
The world standard for PDFs
Edit, sign, compress, merge, protect PDFs. 500M+ users. 7-day free trial.
Start Free TrialHow to Use This Tool
Upload Your PDF
Upload the password-protected PDF. The tool immediately shows a security report listing all restrictions on the file.
Enter the Password
Enter the password you know for the file. This is required to verify you are the authorised owner of the document.
Remove and Download
Click Remove Password. Download the unlocked PDF that can now be opened, printed, and edited without restrictions.
Advertisement
Related Tools
Frequently Asked Questions
Can this remove passwords from PDFs I don't own?
What is the difference between user and owner passwords?
Is it safe to upload sensitive PDFs?
Why can't I open the PDF even after removing the password?
About PDF Password Remover
Your bank sent the year-end statement as a password-protected PDF, you know the password (your account number), and now you need to merge it into your tax folder where the accountant needs it unlocked so their software can parse it. Or your own archive of three-year-old contracts is password-locked and you have rotated the credentials out of your password manager — you remember the password but the owner no longer needs the restriction. This remover takes a PDF plus the password you know and strips the encryption dictionary, outputting a clean unencrypted copy. It uses qpdf-wasm (a WASM build of the qpdf command-line tool) because pdf-lib does not implement decryption — the tool runs the decryption step inside a WebAssembly sandbox in your browser, so the file and password never reach a server. To be explicit: this removes passwords you already know. It is not a cracker, it will not bypass protection on files you do not own, and we intentionally rate-limit wrong-password attempts to discourage misuse. Use this for your own documents where the restriction is no longer needed.
When to use this tool
Unlocking a bank statement for tax prep
A taxpayer downloads a year-end statement from their bank portal which delivers it password-protected (password is the last four of the account number). Unlock so the PDF can be merged into a single tax-year archive the accountant's OCR software can read without repeatedly prompting for credentials.
Archiving old signed contracts
A lawyer has 200 signed client contracts from 2019-2022 that were password-protected as part of the firm's old security policy. The policy has since changed to encrypted storage at the filesystem level. Batch-unlock the contracts (knowing the firm's old shared password) to migrate into the new S3-backed DMS.
Removing permission restrictions on your own thesis
A PhD student protected their thesis PDF with an owner password to prevent annotations during committee review, now needs to publish an open-access version on the university repository which requires the file be modifiable. Remove the owner-password restriction, upload the clean version.
Accessing old invoices after a password-manager loss
A small-business owner's password manager database got corrupted, but they remember the QuickBooks invoice password (they used a predictable pattern). Unlock the archive of 2023 invoices so the bookkeeper can run year-end reconciliation without the lock.
Preparing a restricted PDF for searchable archive
An archivist inherits 50 historical reports that were password-protected by the original author (now retired but password documented in handover notes). Unlock so the reports can be OCR'd and indexed in the organization's Elasticsearch-based archive for public-records search.
How it works
- 1
qpdf-wasm handles decryption inside your browser
qpdf is the reference tool for PDF decryption — it implements the full PDF encryption spec including AES-128, AES-256, and legacy RC4. We load a WASM build of qpdf into the browser, hand it your file and password, and qpdf writes out a new PDF with the /Encrypt dictionary removed. The WASM module runs in the same sandbox as any other browser code with no network access, so neither file nor password leaves the tab.
- 2
Both password types are handled
PDFs support two password types: the user password (required to open the document) and the owner password (required to modify or print with restrictions). If your PDF has only an owner password, you can open it freely but cannot remove restrictions without the owner password. qpdf accepts either password and produces an unencrypted output; this tool attempts the user-password path first, falling back to owner-password handling if you indicate the restriction is permissions-only.
- 3
Wrong-password attempts are rate-limited
Unlike a local qpdf CLI run, this tool enforces a 3-second delay between failed decryption attempts and a hard cap of 5 attempts per browser session. The rate limit is deliberate: brute-forcing a PDF password is slow but not impossible for short passwords, and we do not want to provide a throughput advantage for someone attempting to unlock a file they do not own. The limits reset when you reload the page, but the intent is to discourage misuse, not provide a workaround.
Honest limitations
- · You must know the password; this tool does not and will not attempt to crack unknown passwords, and attempting to unlock files you do not own may violate computer-fraud laws in most jurisdictions.
- · PDFs with certificate-based encryption (digital certificate, not password) are not supported — decryption requires the private key from the certificate holder's keystore, not something this tool can accept.
- · Some enterprise DRM wrappers (Adobe LiveCycle Rights Management, Microsoft RMS) use a second encryption layer on top of standard PDF encryption; qpdf can strip the PDF layer but the DRM layer requires the corresponding enterprise client.
Pro tips
Recover the password rather than remove protection you never owned
If you have a password-protected PDF where you do not know the password and the document is not yours, the right path is to contact the sender and ask — not to try a cracker. PDF encryption with a strong password (12+ characters) is effectively unbreakable offline within any reasonable time; weak passwords might fall to a cracker but using one on someone else's document is typically a crime under the Computer Fraud and Abuse Act (US) and equivalent laws elsewhere. This tool is designed explicitly for removing your own restrictions, not for attacking others' files.
After unlocking, re-encrypt with modern cipher if privacy still matters
If you are unlocking a file just to migrate it into a different protection scheme (filesystem encryption, cloud storage with at-rest encryption), you are probably fine leaving it unlocked within that controlled environment. But if the document contains PHI, PII, or financial data that continues to travel outside the controlled environment (email attachments, portal uploads), re-apply encryption via the protect-pdf tool using the current AES-256 standard. Legacy RC4 or 40-bit encryption that the original file may have used is not considered secure against modern attackers.
Document your unlock decisions for audit trails
If you work in a regulated industry (healthcare, legal, financial services), keep a log of which files you unlocked, when, under what password, and why the restriction was removed. Compliance auditors routinely want evidence that decryption was authorized. A simple spreadsheet with filename, date, removing party, and justification is usually enough. If the file was originally received under an NDA that specified it must remain encrypted, that NDA clause survives this tool — unlocking does not free you from contractual obligations even when technically possible.
Frequently asked questions
Is it legal to remove a password from a PDF?
Depends entirely on whether you are authorized to access the contents. Removing a password from a file you own or have explicit authority over (your own bank statement, your own contracts, your company's archived documents where you are the records custodian) is legal and routine. Removing a password from someone else's document without their permission typically violates computer-fraud laws — the Computer Fraud and Abuse Act in the US, the Computer Misuse Act in the UK, and similar statutes elsewhere. Circumventing technical protection measures can also violate the DMCA. Use this tool only on files where you have clear authority.
What is the difference between a user password and an owner password?
A user password (open password) is required to open and view the document; without it, you see only an encrypted blob. An owner password (permissions password) allows opening but restricts actions — you might be able to read the PDF but not print, annotate, or extract text. Some PDFs have only one, some have both. Adobe Acrobat's encryption dialog labels them as 'Document Open Password' and 'Permissions Password'. Removing a user password requires knowing it; removing an owner password to lift restrictions also requires knowing the owner password, despite common myths that owner-only restrictions are trivially bypassable.
Does the file or my password get sent anywhere?
No. Decryption runs in a WebAssembly build of qpdf inside your browser tab. The file you select is read into JavaScript heap memory, handed to the WASM module along with the password, and the unencrypted output is delivered as a download. No network request carries the file, the password, or any derived material. You can verify this in your browser's devtools Network tab while unlocking — you will see zero outbound requests containing document or password data. This matters because the whole reason for a password was that the file was sensitive to begin with.
Will removing the password damage the PDF content or signatures?
No damage to content — text, images, form fields, and bookmarks all survive unchanged because qpdf only rewrites the /Encrypt dictionary and re-serializes object streams without decryption wrapping. However, digital signatures (cryptographic signatures, not scanned signature images) may invalidate because their byte-range hash was computed over the encrypted file layout; removing encryption changes the byte layout and the signature no longer matches. If signature validity matters, do not remove passwords from signed documents — instead request an unsigned copy from the sender or add a new signature after unlocking if the document is yours to re-sign.
What if I forgot the password to my own PDF?
This tool cannot help — it requires you to provide the password. For genuinely forgotten passwords on your own files, you have two options: check your password manager or email history for where the password was originally stored or shared, or use a dedicated PDF password recovery tool (ElcomSoft, Passware) which runs offline attacks against the encryption. Recovery time depends entirely on password strength: a 6-character alphanumeric password typically falls within hours on a GPU; a 12-character mixed-case with symbols may take years. If the file is irreplaceable and you cannot recall the password, recovery tools are the legal path since the file is yours.
Password removal is usually a preparation step for further processing. Once unlocked, pdf-merger can combine the file with others (locked PDFs refuse to merge), pdf-splitter can extract subsets, and pdf-compressor can shrink the file for email delivery. If the document still needs protection for its next destination but with different credentials (rotated out of the old shared password), protect-pdf applies a new user password using AES-256. For documents where the protection was owner-level only (restricting print or modify) and you need to edit, pdf-editor works on the unlocked output.
Advertisement