AES-256 vs Older PDF Encryption: Why Modern Standards Matter
A PDF "password" from 2005 can be cracked in minutes. Modern AES-256 can't. Why this matters for your sensitive documents.
AES-256 vs Older PDF Encryption: Why Modern Standards Matter
PDF encryption has gone through 5 standards since the format was introduced. Three of them are now broken. If you're protecting a document with PDF encryption today, you need to know which version your tool uses — because the older ones don't actually protect against anything.
A short history of PDF encryption
| Year | Standard | Status today |
|---|---|---|
| 1994 | RC4 40-bit | Cracked instantly |
| 2001 | RC4 128-bit | Cracked in hours |
| 2003 | AES 128-bit | Still considered secure |
| 2008 | AES 256-bit (PDF 1.7) | Strong |
| 2017 | AES 256-bit (PDF 2.0) | Strongest available |
The 1994 and 2001 standards are not secure in any meaningful sense. Cracking tools for them are freely available on GitHub. If your protection tool produces RC4-encrypted output, you might as well not encrypt at all.
How to check what you're using
SwitchPDF Protect PDF uses PDF 2.0 AES-256 — the current strongest option. Most modern tools do, but older versions of Adobe Acrobat (pre-2017) and some budget PDF utilities still default to AES-128 or worse.
To check an encrypted PDF you already have: open it in a tool like pdfinfo (command line, free) or look at File → Properties → Security in Acrobat Reader. It'll list the encryption algorithm. If it says "RC4" anywhere, the document is not actually protected.
Why AES-256 matters
Brute-forcing a 12-character random AES-256 password would require trying about 10^21 possibilities. With current computing power (including specialized cracking hardware), that takes longer than the age of the universe on average. Genuinely unbreakable.
AES-128 is also strong by current standards but has less headroom for future computing improvements. AES-256 is the responsible choice for documents you care about preserving long-term.
The password is still the weak link
Even AES-256 is only as strong as the password you choose. A 6-character password ("dog123") can be brute-forced in hours regardless of the encryption algorithm. A 12-character random password is what makes AES-256's strength actually matter.
When you can't use AES-256
A few legitimate scenarios still require older encryption:
- Very old PDF viewers that don't support PDF 2.0 (rare today; mostly retired enterprise systems)
- Specific government archives that require a particular older standard for legacy compliance
- PDFs that need to open in software older than 2017 without updates
For these, use AES-128 — still strong, broader compatibility. Avoid RC4 entirely.
Bottom line
Use AES-256 (PDF 2.0). It's the default in modern tools including SwitchPDF Protect PDF. The encryption is unbreakable as long as your password is at least 12 random characters. If you have older protected PDFs using RC4, they're not actually protected — re-encrypt them.
Related articles
Password-Protecting a PDF: Step-by-Step Guide
Adding a password to a PDF takes 30 seconds. Doing it correctly (so the password isn't trivial to crack) takes a little planning. Here's both.
Password Protection vs Permission Restrictions: PDF Security Explained
Encrypting a PDF and disabling printing are two different things. Here's what each actually protects against and how to use them right.
Cropping PDF Margins for Cleaner Prints and Less Paper
Most scanned PDFs have unnecessary white borders that waste ink and paper when printed. Here's how to trim them in 30 seconds.