Encrypted pdf and passwords

It has become the trend now for various institutions to send information by email through encrypted pdf documents.  Bank statements, credit card statements,  income tax returns, mutual fund statements - to name a few.   Some go to the extend of encrypting the document when you download them from their website.

Each of these need a different password to decrypt and open it.  They vary from your date of birth in ddmmyyyy format to a combination of first four characters of your first name and the date and month of your date of birth.  PAN numbers in upper and lower cases, pin code of your residential address, folio number of your mutual fund are a few other passwords.

What is the difference between website passwords and these passwords?

a) Website passwords are chosen by the user.  The user knows the password for each website that he/she specifies and keeps track of them.   Pdf passwords are chosen by the system/website/institution.
b) Website passwords can be changed.  Pdf passwords cannot be.
c)  You can do a correlation between website and its password.  Given a pdf filename (often a string of random characters), you have no clues what its password should be.

There are tools to remove pdf passwords (I have not tried yet), but I had a simple proposition.  Why not just provide a password hint below the box to enter the password?  This information is provided in the email (or other) communication which makes available the document and thus, not confidential.  It could say, your "pan number in small letters" or some such.




Comments

  1. Good one....When it comes to technical stuff, you get it right.
    When it comes to general/ethical/social stuff, you mistake the symptom of the cause.
    Look Narayana murthy is appointing his son as his executive assistant. Legally fine. Remember back in the 90's when you and I worked in HP-ISO NRN was talking about "the power of money is to give money". Bill Gates did not appoint his son and his *actions* are consistent with his words. What right does NRN have to talk about merit when he did not choose his through open ended selection process.
    Ethical values have hit nadir in india. It is difficult where the cause lies although symptom is everywhere

    ReplyDelete

Post a Comment

Popular posts from this blog

Opening a safe deposit locker in SBI

Opening a Kannada Word document

Automating a cordova ios build