Attached, please find your 2011 Tax Organizer, which has been password protected. The Password is the FIRST FOUR digits of the taxpayer's social security number.
This seems reasonable. After all, your card for ATM machines has only a 4 digit PIN number. In addition, since the LAST 4 digits is so often used, many people know it, so they chose 4 digits that somebody else wouldn't know.
But of course, the problems with this are obvious to any professional.
There are three reasons why 4 digits work for ATM machines, and why they don't work here.
- The ATM card itself the PRIMARY security, the PIN number is only SECONDARY.
- Guessing the PIN number is "online" (you can only guess a few numbers before the ATM machine eats your card), but PDF guessing is "offline" (you can make as many failed guesses as you want).
- The third reason things are different is that stealing money from an ATM is limited to only a few hundred dollars, whereas documents from your accountant can lead to loss of all your money.
Or, I can download free software to do it for me. I downloaded this program and after 2 seconds of crunching numbers, it came up with the right password:
(This image is edited, of course, my SSN# does not actually start with "5967".)
So, what's the right solution? You can't send an encrypted PDF and the password in the same e-mail (as some people do), because then hackers yet again and decrypt the PDF. Instead, you have to exchange passwords "out-of-band", such as on the phone or when you visit the office. The encryption is only as strong as the password, so you have to choose a long one (more than 12 characters that are hard to guess).
The REAL correct solution is for vendors to better integration PGP or S/MIME into email systems. PDF encryption was chosen in this case because it's built-in. Likewise, generating public/private keys should be built into every e-mail system -- but it's not.