You can only delete a digital signature using Acrobat or Reader if you have access to the private key (digital ID) that was used to create the signature. Once upon a time anyone could delete a digital signature in Acrobat (other than a certifying signature), but that was deemed a security flaw and we limited deletion of a signature to only the person that created it in the first place.
Sorry to say, I have absolutely no idea at all!
You mean you have no idea what I'm talking about (a very common occurance), or you get what I was trying to say and have no idea if the digital ID used to create the signature is still available?
1 person found this helpful
So, under these conditiions how do i create a new signature?
When I try to create a new digital signature in Acrobat X I do not get a choice to create a new passsword- only one box, and it appears to be requesting the password I lost/forgot.
I'm a little confused as to your question. Let's start with some background just so we're on the same page.
A "digital ID" is the equivalent of a pen in the physical world. It's used to create a "digital signature" just like a pen is used to create a "wet ink" signature. A "digital signature" is the equivalent of a "wet ink" signature on a piece of paper. So, just like you use a pen to create a wet ink signature on a piece of paper, you use a digital ID to create a digital signature on an electronic document. Also, just like in the physical world you can use a pen to sign anything (e.g. a cast on broken arm, an art canvas, a wall, etc.) you can digitally sign any electronic blob of data (e.g. a PDF file, an e-mail, a Word Doc). Of course we're concentrating on a PDF file here so we'll keep to Acrobat and Reader.
The digital ID contains three separate pieces of information; a private key, a corresponding public key, and the public-key certificate information (the text that you see like the subject name, the issuer name, the validity dates, etc.). Because the digital ID contains the private key it has to be protected to prevent unauthorized use (aka "key compromise"). The digital ID can be saved in one of several places. It can reside in a password protected file, it can be on a PIN protected smart card or token, it can be on a special server, or the operation system (OS) can manage it. For the OS it's either Mac Keychain Access, or the Windows Certificate Store. On Windows, don't think of "store" as a place to buy things, but rather just a storage location. If the OS is managing the digital ID then the log-in to your account is the only authorization required for access to the digital ID so you don't see subsequent password requests.
When it comes time to digitally sign a PDF file you are go to need access to your digital ID. When the Sign Document dialog is displayed (and here's where I think your question lies) whether the Password edit field (the place you type in your password) is displayed or not depends on where the digital ID resides. If the digital ID is in a file then you see the Password edit field, but if the digital ID is being managed by the OS then you don't. As I noted above, if you were able to log into your account on the computer the OS takes that as all the authorization required to gain access to your digital ID and you don't get a subsequent request for a password. The question you have to ask is "where does my digital ID reside"? To find out do the following:
- Open the Tools panel on the right side of Acrobat
- Expand the Sign & Certify pane
- Click on the More Sign & Certify > Security Settings menu item
- Select Digital IDs at the top of the tree view on the left side of the Security Settings dialog
- On the upper right list box there is a column labeled "Storage Mechanism".
If the "Storage Mechanism" is either "Mac Keychain Store", or "Windows Certificate Store" then you won't see the Password edit field on the Sign Document dialog.
Does this answer your question?
Thanks so much for the detailed explanation!
Let me give a little more detail and better explanation of what I have done.
1. I digitally signed (with a digital id” I had created) a document to be filed with an agency.
2. This “signature” ( digital id) had information that included my name, time, date and an acrobat watermark in red.
Essentially typed information that proved the document came from my computer (me?).
3. I was informed that I would have to sign in ink, scan to PDF, and upload it to them, or
4. Create a “digital signature” that had my name, address, phone, fax, email, etc., and upload that to them.
5. I tried to create such a digital signature (after reading your email perhaps I was off base a bit) without success- the place I was attempting this using “PKCS#12 digital ID File” but it allowed only limited information to be input and required a password.
6. I then deleted my old digital id in “security settings” in order to again try to create a new digital “signature” using the “PKCS#12 digital ID File” format.
7. I now am still attempting to create a new digital “signature” and when I get to the last set up page for the “PKCS#12 digital ID File” (where it asks for a file location and password “for your new digital ID file”), by selecting “add digital id” and hit the bullet for “a new digital id I want to create now.” In the last page of these creation pages there is a “file name” box and a “password” box.
I think this is asking for my forgotten password which I cannot remember. If it was asking for a new password, I recall two password boxes to insure the password it typed correctly.
So I am stuck, I cannot create a new “digital id” which I thought was a digital “signature” and have deleted my old digital id.
In the past I have use a scanned “signature” as in read below but became afraid it could be manipulated in some fashion in important documents and that is why I started using the digital id in Acrobat X, which I thought was a digital “signature”.
So, how far off base am I? What do I do now that I have deleted my digital id in security settings?
Thanks so much for your help.
To go a little deeper into this, the signature appearance (what you see on the form), is not the actual signature, but rather a pictorial representation of the signature. The actual digital signature is a cryptographically sound piece of hex encoded data written into the PDF file, but not something you can see (well at least not something you can see in Acrobat, you could find it if you opened the PDF file in a text editor and knew what to look for). That's why you have the option of creating an invisible signature or a viable signature.
When you digitally sign the form (document) you are taking a snapshot of all of the elements that comprise the PDF file and encrypting that snapshot using your private key. It's not the "digital signature" that contained the information you noted above, but rather the signature appearance. If you are the author (creator) of the document (PDF file) then you should add a text field for each piece of information that the agency requires, then when you digitally sign the document you are creating a copy of the file that if tampered with would invalidate the digital signature. In other words, a valid digital signature proves that all of the data that makes up the PDF file is the same as when the file was digitally signed. If someone where to change the data (i.e. change a date, or a location) it would invalidate the signature.
There is a work around to the perpetual print-sign-scan-send issue. What you want to do is create a reusable Custom Signature Appearance that includes a scanned image of you signature. Just sign a blank piece of paper, scan it and save the image, and then import the image in via the Create Custom Signature Appearance workflow. To get there:
- Select the Edit > Preferences (Win) or Acrobat > Preferences (Mac) menu item
- Select Security from the Categories list box
- Click the New button in the Appearances group box
- Enter a name for this appearance in the Title edit field
- Select the Import graphic radio button and then click the File button
- Select the checkboxes for the items you want to display
One side note, the picture of your signature will look better if you crop away any extra white space.
Finally, to get back to your original request, you're not going to be able to add all of the data that you noted into the digital ID. That information has to go into text fields on the form. You could get created with the Reason and Location fields on the Sign Document dialog and add some information there, and display those two items using the check boxes I mentioned above, but really that's not the best solution. However, if you want to give that a try you need to turn on those two fields. While you on the Preferences dialog, Security panel:
- Click the Advanced Preferences button
- Select the Creation tab
- Select both the Show reasons and Show location check boxes.
I also now think I should have be creating in the Windows Certificate Store and not using “PKCS#12 digital ID File.”
I just created a new “self signed” (whatever that means) digital id using the windows certificate store without any request for a password.
Needless to say I’m a little confused about digital signatures.
Is there a way to create a more informational detailed digital id as was requested by the agency in number “4” below?
Thank you so very much for your help.
Thanks for taking the time. I appreciate your help.
A problem I had with this agency’s form was that it was sent to me digitally by email, with a place for a date and a signature.
I think I can now place a signature (as in red) below but didn’t know how to put in a date using Acrobat X.
Hence my adventure, as described.
One thing I mentioned above is that any electronic blob of data can be digitally signed. That includes the public-key certificate portion of your digital ID (the part with the textual information). If fact not only can it be signed, but it is always signed by the issuing authority's private key (signatures are always created using a private key or they wouldn't be considered a "digital signature"). Most of the PKI (Public Key Infrastructure) universe operates by using trusted third parties to issue digital IDs to individuals and part of their mandate is to vette the identity of the person to whom they are issuing a digital ID. In other words, their corporate reputation is on the line so they make sure you are who you say you are. However, one way to create a digital ID is to sign the public-key certificate using its own private key, hence the term "self signed". They are considered less trust worthy because there is no "trusted third party" doing the identity vetting.
You asked "Is there a way to create a more informational detailed digital id" and the long answer is yes, but not if you use Acrobat to create the digital ID. Acrobat only allows you to put a limited amount of information into the digital ID. How it could be done is waaaaaay beyond the scope of our conversation.
You should be able to just type the date into the date field.
I realize this response is a year later, but I have some feedback for you.
1. YOU NEED TO SHOUT THIS FROM THE ROOFTOPS - This is a significant change to previous versions that could delete signatures.
2. UNBELIEVABLE - I'm incredulous that no other solution could be found. So if someone signs my document during review, I better hope I have an older copy that he didn't sign or I have to copy and paste every bit of the document to a new one. Thanks Adobe. This is making it easier to move to a Word only environment - we are still able to delete sigs in Word to make corrections to the document.
3. I cannot express in polite words the amount of anger I feel at this moment towards this insane decision and the fact that it took me quite a bit of digging to find this answer.
You don't have to recreate the document, all you need to do is extract the pages, which will strip off the signature. You can use the page extraction process to create a new (and unsigned) version of the file.
Of course there are just as many customers that scream about the page extraction process removing the signature because they think it should persist.
I am having this same problem with Acrobat XI Pro. I created a digital signature but cannot recall the password that I created for it. I guess I didn;t realize how difficult it would be (impossible!) to reset it.
I went so far as to uninstall Acrobat from my computer and reinstall via Creative Cloud but I still cannot reset or delete it.
Has anyone been successful in deleting the digital ID/signature from the new version of Acrobat Pro?
Are you on Windows or Mac?
I'm on Mac.
First let's make sure we're talking about the same things. A digital ID is a file used to create a digital signature. In the physical world the digital ID would be a pen and the digital signature would be known as a wet-ink signature. I think you are looking to remove (detach) a digital ID from Acrobat as opposed to clearing a digital signature from a PDF file. If you're looking to clear a signature let me know and we can go over that instead.
The good news here is you do not need the password (which is used to access the private key encased inside of the digital ID file) in order to detach a digital ID file. Here's what you are going to want to do (and for anyone else these steps a specific to version 11):
- Select the Acrobat > Preferences menu item
- Scroll to and select Signatures from the Categories list box
- Click the More button in the Identities & Trusted Certificates group box (it's the third one down)
- Expand Digital IDs in the tree view
- Select Digital ID Files in the tree view
- Highlight the file you want to disassociate from Acrobat in the list view (the upper right box)
- Click the Detach File button on the toolbar
- Click the Close button on the Digital ID and Trusted Certificate Settings dialog
- Click the OK button on the Preferences dialog
I'm running into a similar situation as above. Quick background - I created a digital ID on my office professional's computer to demonstrate the process. Following the above thread, we went into Acrobat Reader and deleted all digital ID. Then to set up our OP's digital ID we went into Acrobat X Pro / Tools / Sign & Certify / More Sign & Certify / Security Settings
There are no entries in Roaming ID Accounts, Digital ID Files, Windows Digital IDs nor PKCS#11
We click Add ID (Security Setting Dialogue) Click the radio button for New ID, We've selected the PKCS#11, Fill in all the data in the Dialogue box (Name, organization email etc) and then click next.
Then next dialogue box has an entry for a file name that is filled in and only one password box shows up. We have used my password (when I originally set a digital ID on her computer), a new password, her password etc all no no avail.
The bottom line is that we can't create a new digital ID for our OP on her computer.
Hope you have a fix!
The bug was that the Add Digital ID dialog did not scale correctly on a laptop running a display resolution less than 1024x768, hence the second password edit field doesn't display correctly. Try running in a higher display resolution, or using a computer with a larger monitor.
OK - on a hunch we entered her password and on faith, hit the tab key. No visible box but she re-entered her password and then clicked Finish and it did complete and set up her digital ID. You should note that the same bug exists at the 1080x1024 resolution as shown in the screen shot.
Looks like we have our work around.
I understand what you're saying that it doesn't make sense that you can see the bottom buttons, but not the password confirmation field. It's a bug in how the dialog is drawn. Please try a slightly higher screen resolution and let me know if that brings up the missing password field.
It took me a while to get back into it, but your solution helped me detach my digital ID so I was able to create a new one w/o remembering my forgotten password. Thanks!
Please follow the path C:\Users\user name\AppData\Roaming\Adobe\Acrobat\DC\Security
This holds the file for all of the signature created Adobe DC.
You be able to delete each signature and they will not appear in the Sign As menu once removed.
I hope this helps. Good Luck
What if you've forgotten the password? How can it be deleted?
I tried to follow these steps but my configuration is a little different. I only see a "certificates" shortcut and it doesn't have the other items you referenced under it.
The root of the problem is that to "certify with a visible signature" my program is asking me for a PIN or password. Now I did not use a PIN or password when I created the signature. In my attempts to delete and redo I now have four signatures that I cannot use. I'd like to delete the excess ones and be able to access the one I do want to use.