How to redact a PDF securely
Redaction means permanently hiding sensitive information — names, account numbers, addresses — before a document is shared. It is also one of the easiest things to get subtly wrong in a way that leaks the very data you were trying to protect. Here is how to do it safely.
The mistake that defeats redaction
The classic error is covering text with a black box that sits on top of the page while the original text still exists underneath. In some tools the hidden text can be selected, copied, or recovered — so the ‘redacted’ document quietly carries the secret it was meant to hide. Drawing a black rectangle in a generic editor is not enough on its own.
Proper redaction has to remove or flatten the underlying content so that what you see is genuinely all there is. When you export a redacted file, the covered areas should be baked into the page image, not floating over live text.
A safe redaction workflow
Work on a copy, never your only original. Cover every sensitive item on every page — it is easy to redact page one and forget the same detail appears in a footer on page nine. Export the redacted file, then reopen it and actively try to select the text under your black boxes: if nothing is selectable, the redaction held.
Also remember that sensitive data can hide outside the visible text — in document metadata, comments, or attached files. For truly sensitive disclosures, strip metadata as well. Doing the redaction in your browser keeps the unredacted original off any server while you work.