PDF Password Remover

Removing a password from a PDF you own or are explicitly authorised to modify is fully legal in virtually every jurisdiction. The right to access and edit your own data is well established, and unlocking a file you have the correct credentials for is no different from changing a password on any other document you control. This tool is designed for exactly that scenario — you own the PDF, you know the password, but the encryption is blocking normal operations like printing, merging, or editing. The tool is not a password cracker and cannot open files whose password is unknown; you must supply the correct credential before decryption begins. What is clearly unlawful is bypassing protection on a file you do not own or have no rights to access — courts in the US, EU, and UK consistently treat that as an unauthorised-access violation regardless of technical method. Our terms of service require users to confirm ownership or authorisation. The decryption itself runs entirely inside your browser using the same AES or RC4 cipher the PDF specification mandates, so no password material is ever transmitted to any server. If you inherited a locked file from a departing employee, have a vendor-supplied report locked with a known password, or simply forgot the permission password on your own archive, this tool handles all three cases cleanly. Keep the original locked file as a backup before downloading the unlocked copy.

The PDF specification defines two distinct password types that control access at different levels. A user password — also called the open password — completely blocks access to the document; the reader application will not render a single page until the correct credential is supplied. Without it, the file is effectively invisible. An owner password — sometimes called the permissions password — takes a lighter approach: the document opens and reads normally without any credential, but the viewer enforces a set of restrictions that the creator baked in at save time. Typical restrictions include blocking print, blocking copy-paste of text, blocking annotation, and blocking structural editing. Most business PDFs you receive from vendors, lawyers, or HR departments use only an owner password; the intent is to allow reading while preventing downstream modifications. Our tool supports both types. When you drop a PDF and type a password, the engine attempts to match it against the user-password slot first, then the owner-password slot. Whichever matches, the tool strips the corresponding encryption and permission flags from the output. The resulting file opens freely in any viewer with no restrictions in place. Importantly, the decryption runs in your browser via a WebAssembly PDF library; neither the PDF content nor the password string is transmitted to WikiPlus servers at any point. The original file is never modified — you always receive a fresh, separate output PDF.

Yes. The tool supports the full range of PDF encryption standards defined across PDF revisions 1.1 through 2.0. That covers RC4 with a 40-bit key (PDF 1.1, deprecated since the 1990s), RC4 with a 128-bit key (PDF 1.4), AES-128 in CBC mode (PDF 1.6, introduced in Acrobat 7), and AES-256 in CBC mode with PBKDF2-based key derivation (PDF 1.7 Extension Level 3, the current default in Acrobat, Word, and macOS Preview). When you supply the correct password, the engine derives the document encryption key using the algorithm required by that revision — PBKDF2-SHA256 for AES-256 files, or the legacy MD5-based derivation for older formats — and decrypts the content streams in browser memory. Encryption strength does not slow down the process in any measurable way once the key is known; a 100-page AES-256 PDF typically unlocks in under a second. The one category not supported is enterprise Digital Rights Management, specifically Adobe LiveCycle RMS and similar server-bound schemes where the encryption key is held by an external DRM server rather than derived from a local password. Those files require the original DRM client software. For every standard password-protected PDF produced by Acrobat, Microsoft Word's export function, macOS Preview, LibreOffice, or any consumer tool, the unlocker works reliably. Run a quick test on a low-sensitivity file first to confirm compatibility with your specific PDF version.

The entire decryption process runs inside your browser tab and never touches a remote server. When you drop the PDF, the browser reads the file into an ArrayBuffer using the File API — a standard browser primitive that keeps data in the tab's sandboxed memory. A WebAssembly build of MuPDF, a battle-tested open-source PDF engine, loads once from our CDN and is cached by the browser for future visits. MuPDF receives the encrypted ArrayBuffer and the password string you typed; it derives the document encryption key using the algorithm specified in the PDF's encryption dictionary (PBKDF2-SHA256 for AES-256, or the older MD5 derivation for RC4 files), then decrypts the cross-reference table and all content streams in place within that local memory sandbox. The decrypted PDF is serialised back into a Blob object, still in browser memory, and offered as a download via a temporary object URL. No byte of the original PDF, no byte of the password, and no byte of the decrypted output is sent over the network at any stage. You can verify this yourself by opening your browser's DevTools Network panel before uploading; the only requests visible will be the initial library loads, not your file. This architecture matters because locked PDFs frequently contain sensitive material — legal contracts, bank statements, medical records, tax filings. Keeping that data on your device is not a marketing claim; it is a direct consequence of how the browser-side pipeline is built. Close the tab when done and the memory is released immediately.