Adobe 22002484 User Guide - Page 241
Protecting digital IDs, Removing sensitive content, Preparing PDFs for distribution
View all Adobe 22002484 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 241 highlights
USING ACROBAT 9 STANDARD 236 Security More Help topics "Delete a certificate from trusted identities" on page 224 Protecting digital IDs By protecting your digital IDs, you can prevent unauthorized use of your private keys for signing or decrypting confidential documents. Make sure that you have a procedure in place in the event your digital ID is lost or stolen. How to protect your digital IDs When private keys are stored on hardware tokens, smart cards, and other hardware devices that are password- or PINprotected, use a strong password or PIN. Never divulge your password to others. If you must write down your password, store it in a secure location. Contact your system administrator for guidelines on choosing a strong password. Keep your password strong by following these rules: use eight or more characters; mix uppercase and lowercase letters with numbers and special characters; choose a password that is difficult to guess or hack, but that you can remember without having to write it down; do not use a correctly spelled word in any language, as they are subject to "dictionary attacks" that can crack these passwords in minutes; change your password on a regular basis; contact your system administrator for guidelines on choosing a strong password. To protect private keys stored in P12/PFX files, use a strong password and set your password timeout options appropriately. If using a P12 file to store private keys that you use for signing, use the default setting for password timeout option so that your password is always required. If using your P12 file to store private keys that are used to decrypt documents, make a backup copy of your private key or P12 file so that you can open encrypted documents if you lose your keys. The mechanisms used to protect private keys stored in the Windows certificate store vary depending on what company has provided the storage. Contact the provider to determine how to back up and protect these keys from unauthorized access. In general, use the strongest authentication mechanism available and create a strong password or PIN when possible. What to do if a digital ID is lost or stolen If your digital ID was issued by a certificate authority, immediately notify the certificate authority and request the revocation of your certificate. You should also stop using your private key. If your digital ID was self-issued, destroy the private key and notify anyone to whom you sent the corresponding public key (certificate). Removing sensitive content Preparing PDFs for distribution Before you distribute a PDF, you may want to examine the document for sensitive content or private information that can trace the document to you. Such information may be hidden or not immediately apparent. For example, if you created the PDF, the document metadata likely lists your name as the author. You may also want to remove content that can inadvertently change and modify the document's appearance. JavaScript, actions, and form fields are types of content that are subject to change. If your document doesn't require these items, remove them before you distribute the document. You can use the Examine Document command to find and remove hidden content from a PDF. Last updated 9/30/2011