beautypg.com

Adobe Acrobat 8 3D User Manual

Page 264

background image

257

ADOBE ACROBAT 3D VERSION 8

User Guide

Delete your digital ID

When you delete a digital ID in Acrobat, you delete the actual PKCS #12 file that contains both the private key and
the certificate. Before you delete your digital ID, make sure that it isn’t in use by other programs or required by any
documents for decryption.

Note: You can delete only self-signed digital IDs that you created in Acrobat.

1

Choose Advanced > Security Settings.

2

Select Digital IDs on the left, and then select a digital ID on the right.

3

Click Remove ID, and click OK.

See also

“Delete a certificate from trusted identities” on page 261

Protecting digital IDs

By protecting your digital IDs, you can prevent unauthorized use of your private keys for signing or decrypting confi­
dential documents. Make sure that you have a procedure in place in the event your digital ID is lost or stolen.

How to protect your digital IDs

When private keys are stored on hardware tokens, smart cards, and other hardware devices that are password- or
PIN-protected, be sure to use a strong password or PIN. Never divulge your password to others. You should not write
your password down, but if you must, store it in a secure location. Keep your password strong by following these
rules: Use eight or more characters; mix uppercase and lowercase letters with numbers and special characters; choose
a password that is difficult to guess or hack, but that you can remember without having to write it down; do not use
a correctly spelled word in any language, as these are subject to "dictionary attacks" that can crack these passwords
in minutes; change your password on a regular basis. Contact your system administrator for guidelines on choosing
a strong password.

To protect private keys stored in P12/PFX files, use a strong password and set your password timeout options appro­
priately. If using a P12 file to store private keys that you use for signing, set your password timeout option so that
your password is always required (this is the default behavior). If using your P12 file to store private keys that are
used to decrypt documents, ensure that there is a backup copy of your private key or P12 file so that you can continue
to open encrypted documents should you lose your keys.

The mechanisms used to protect private keys stored in the Windows certificate store vary depending on what
company has provided the storage. Contact the provider to determine how best to protect these keys from unautho­
rized access and for backup purposes. In general, you should use the strongest authentication mechanism available
and should seek to require a strong password or PIN when possible.

What to do if a digital ID is lost or stolen

If your digital ID was issued by a certificate authority, immediately notify the certificate authority and request the
revocation of your certificate. You should also stop using your private key.

If your digital ID was self-issued, destroy the private key and notify anyone to whom you sent the corresponding
public key (certificate).

This manual is related to the following products: