The two different types of passwords used in PDF files are, and will always be, a source of confusion.
The OWNER PASSWORD is used to control what you can do with/to the PDF file, but you do not have to know it in order to open and view the file. If the owner password is in play, looking at the document’s security properties will tell you what you can’t do. With the right software or a website such has www.pdfunlock.com, the owner password can be removed instantly.
The USER PASSWORD on the other hand, is only used to prevent anyone who doesn’t know it from opening and viewing the file.
A user password, if not known, cannot be removed instantly. This is why we ask you to provide it if you upload a PDF file protected with one to www.pdfunlock.com. If it is known, we can remove it from the file and free you from the inconvenience of having to remember it and provide it every time you open the file.
If the password is not known, our options to help you are very limited. First, the strength and type of the encryption needs to be evaluated. Passwords of the oldest type, also known as RC4 40bit, can always be removed. This is an operation that requires lots of computing power, but is always within reasonable limits. Since last month, we offer a fully automated service that guarantees the removal of such passwords in less than an hour. However, due to the cost we incur by launching tens of high-end servers to unlock the file in such a short period of time, this service comes cannot be offered for free. To purchase this service, just upload the file at www.pdfunlock.com, and you will be presented with instructions how to proceed. The other option would be to purchase the appropriate software, such as GuaPDF, and run it on your computer. Expect it take anything from a few hours to couple of days, depending on your computer. It will also consume all the CPU power available, making using the computer for anything else hard.
Removing user passwords that utilize newer encryption, such as 128bit RC4 or AES (128bit or 256bit) is different. It’s fair to say that there are no guarantees that, with currently modern computers, such a password would ever be removed. There are simply too many possibilities. The key here becomes knowing something about the password, and using that knowledge to somehow limit the passwords that are attempted. Any experiences with removing this type of passwords would be appreciated in the comments!