Recently, I wanted to secure a report prior to sending to one of our clients. So, I went through the steps in my Acrobat DC Pro to secure the report PDF file as follows:
Protect > More Options > Security Properties
Security Method > Password Security
Require password to open = Unchecked
Restrict printing and editing = Checked
Printing allowed = Low Resolution (it IS a report, so the client has to be able to print it)
Changes allowed = None
Enable copying of text, images and other content = Unchecked
Enable text access for the visually impaired = Checked
Used a password rated BEST
Compatibility Acrobat 7.0 and later selected
Encrypt all documents radio button selected
Then I emailed the document to my client, whom I know well. Here is what she was able to do with her Acrobat DC Pro:
Opened the supposedly secure PDF report that I just sent her.
Hit File > Print
Chose Adobe PDF as her printer.
Gave the file a new name "Report-A" and saved it onto her Desktop.
Open the newly printed "Report-A" PDF file in Acrobat DC Pro.
Clicked on Edit and proceeded to edit text, delete text, delete images, insert images, etc. etc. - EVERYTHING that was supposed to be RESTRICTED!
In less than 30 seconds, my supposedly secure report that restricted editing has been opened and edited without putting in the password, completely bypassing the security that I added to my original!
The steps above that I followed to secure the document *used* to actually secure it so that if my PDF was reprinted using the Adobe PDF distiller, it was "printed" as embedded image bitmaps - in other words *not editable*. Now, all of a sudden - reprinting a secured document using distiller is producing a FULLY EDITABLE document!
What's going on Adobe?!?