PDF
PDF Password Toolspdfpassword.net
Time Analysis

How Long Does PDF Password Recovery Take? Complete Timeline Guide

The most common question about PDF password recovery is 'how long will it take?' The honest answer: it depends on four variables — the encryption mode (10400-10700), the password length and character set, whether the password follows common patterns, and how many GPUs are used. This guide provides exhaustive timeline estimates for every realistic combination, with real hashcat benchmark data from RTX 5090 GPUs in 2026, so you can estimate your specific case before committing to any recovery approach.

The four variables that determine recovery time

Variable 1 — Encryption mode: PDF 40-bit RC4 (mode 10400) is always fast regardless of password because the attack is a key-space search (2^40 keys). PDF 128-bit RC4 (mode 10500) runs at ~9.8M passwords/second. PDF AES-128 (mode 10600) runs at ~75K passwords/second. PDF AES-256 (mode 10700) runs at ~28-38K passwords/second.

Variable 2 — Password length and character set: the candidate space is charset_size^length. A 6-character lowercase password (26^6 = 308M candidates) tests in minutes on any GPU. A 10-character full-ASCII password (95^10 = 59.9 quintillion) takes centuries even on large clusters.

Variable 3 — Pattern predictability: most forgotten PDF passwords are human-chosen, not random. Dictionary+rule attacks find 60-85% of human-chosen passwords within hours by testing common patterns first. Brute-force timelines only apply to truly random passwords, which are rare in practice.

Variable 4 — GPU cluster size: a single RTX 5090 is the baseline. Professional services use 8-32 GPUs, dividing timeline by the number of GPUs adjusted for ~94% scaling efficiency per additional GPU.

Patterns beat length

A 14-character password like 'iloveyou1234' cracks in seconds (it is in the RockYou wordlist). An 8-character random string like 'kX9#mP2q' takes centuries. Pattern matters more than length when dictionary attacks are applied.

Mode 10400 (40-bit RC4) — guaranteed fast

Mode 10400 is unique: the attack is a key-space search, not a password search. The encryption key is exactly 40 bits, and every possible key can be tested exhaustively. Password length, complexity, and character set are completely irrelevant.

Timeline on a single RTX 5090: 60-90 minutes for full key-space exhaustion. This is a mathematical guarantee — every one of the ~1.1 trillion possible 40-bit keys is tested. The password is always found.

Multi-GPU scaling for mode 10400: 4 GPUs = 15-23 minutes. 8 GPUs = 8-12 minutes. 16 GPUs = 4-6 minutes. 32 GPUs = 2-3 minutes.

CPU-only timeline: approximately 4-8 hours on a modern 16-core CPU at ~50M keys/second. Mode 10400 is the only mode where CPU recovery is practical.

Mode 10500 (128-bit RC4) — fast GPU throughput

Mode 10500 (128-bit RC4) runs at approximately 9,800,000 passwords per second on a single RTX 5090. This is the fastest password-search mode because RC4's key setup is computationally cheap.

Dictionary+rule attack (10M wordlist, 50 rules = 500M candidates): 500M / 9.8M = 51 seconds on single GPU. 8 GPUs = 7 seconds. This is the most likely successful attack for human-chosen passwords.

Brute-force mask attack timelines for mode 10500 on single GPU: 6-char lowercase (308M candidates) = 31 seconds. 8-char lowercase (208B) = 5.9 hours. 8-char alphanumeric (2.82T) = 3.3 days. 10-char lowercase (141T) = 167 days.

Mode 10500 PDFs date from the 2001-2010 era. Passwords from this period were typically shorter and simpler than modern passwords. The majority of mode 10500 recoveries succeed within minutes, not hours.

Mode 10600 (AES-128) — moderate GPU throughput

Mode 10600 (AES-128 CBC) runs at approximately 75,000 passwords per second on a single RTX 5090. The AES cipher requires more computational work per candidate than RC4, reducing throughput by ~130x compared to mode 10500.

Dictionary+rule attack (500M candidates): 500M / 75K = 1.85 hours on single GPU. 8 GPUs = 14 minutes. Most human-chosen passwords from 2010-2018 fall to dictionary attacks within this window.

Brute-force mask attack timelines for mode 10600 on single GPU: 6-char lowercase (308M) = 68 minutes. 7-char lowercase (8B) = 30 hours. 8-char lowercase (208B) = 32 days. 8-char alphanumeric (2.82T) = 435 days.

Eight-GPU cluster timelines for mode 10600: 8-char lowercase = 4.3 days. 8-char alphanumeric = 58 days. 10-char lowercase = 7.9 years. The practical boundary for mode 10600 recovery on a professional cluster is approximately 9-10 character passwords with moderate complexity.

Mode 10700 (AES-256) — slowest per-candidate rate

Mode 10700 (AES-256 with SHA-256 KDF) runs at approximately 38,000 passwords per second on a single RTX 5090 (50-round KDF) or 28,000 H/s (100-round KDF for PDF 2.0). This is the slowest PDF mode due to the computationally expensive key-derivation function.

Dictionary+rule attack (500M candidates): 500M / 38K = 3.7 hours on single GPU. 8 GPUs = 29 minutes. 32 GPUs = 8 minutes. The dictionary phase is always fast because the candidate count is bounded by the wordlist size, not by brute-force combinatorics.

Brute-force mask attack timelines for mode 10700 (38K H/s) on single GPU: 6-char lowercase = 2.25 hours. 7-char lowercase = 2.4 days. 8-char lowercase = 63 days. 8-char alphanumeric = 2.4 years. 10-char lowercase = 117 years.

Eight-GPU cluster timelines for mode 10700: 8-char lowercase = 8.4 days. 8-char alphanumeric = 117 days. 9-char lowercase = 218 days. 10-char lowercase = 15.5 years. The practical boundary is approximately 8-9 characters with limited charset.

Real-world timelines — how long it actually takes

In practice, most PDF password recovery cases complete much faster than the brute-force worst-case estimates. This is because real-world passwords follow patterns, and pattern-based attacks are tested first.

Fast case (most common): user-chosen password with common patterns. Mode 10500-10700 dictionary+rule attack completes in <1 hour on a professional GPU cluster. 60-70% of all forgotten-PDF cases fall into this category.

Moderate case: password known partially (e.g., 'starts with my dog's name, ends with a year'). Mask attack with known constraints reduces search space by 90-99%. Timeline: 1-7 days on a professional cluster.

Difficult case: password is a moderate-length random string (8-10 characters) with no known pattern. Requires brute-force or combinator attack. Timeline: 30-90 days on a professional multi-GPU cluster. Cost may exceed document value.

Infeasible case: strong random password (12+ characters, full charset) from a password manager. Timeline: centuries. No practical recovery possible. The document must be accepted as permanently lost or replaced from source.

How to get a precise estimate for your PDF

The most reliable way to get a realistic timeline is to run a free analysis with a professional recovery service. The analysis identifies the exact encryption mode (including KDF round count for mode 10700), runs fast dictionary attacks to test common patterns, and provides a timeline estimate based on the actual encryption parameters and your partial password recall.

If you want to estimate yourself: (1) identify the mode with qpdf --show-encryption or the browser-based tool, (2) estimate password characteristics (length range, character types, any known patterns), (3) calculate candidate space (charset_size^length for brute-force, or wordlist_size x rules for dictionary), (4) divide by your GPU throughput (single: 38K H/s for mode 10700, 75K for 10600, 9.8M for 10500; multiply by GPU count x 0.94 scaling).

Remember that dictionary attacks always run first and catch the majority of cases. The brute-force timeline is the worst case and applies only if dictionary and rule attacks fail. Most users never reach the brute-force stage because their password is found in the dictionary phase.

Estimating your PDF recovery timeline

  1. 1

    Identify the encryption mode

    Use the browser-based PDF encryption info tool or qpdf --show-encryption to get V/R/Length/CFM values. This sets the per-second password test rate.

  2. 2

    Recall what you can about the password

    Length estimate, character types (digits only, lowercase only, mixed), any known substrings or themes. This determines the search space.

  3. 3

    Calculate or estimate the candidate space

    charset^length for brute-force. For dictionary: wordlist entries x rule count (typically 10M x 50 = 500M). For mask: constrained positional charset.

  4. 4

    Divide by effective GPU speed

    Mode 10700: 38K H/s per GPU x GPU count x 0.94. Mode 10600: 75K H/s per GPU. Mode 10500: 9.8M H/s per GPU. Mode 10400: always 60-90 minutes.

  5. 5

    Run the free analysis for the real answer

    The free analysis phase gives you a data-driven timeline using the service's actual GPU cluster, tested against your specific encryption parameters.

Frequently Asked Questions

What is the fastest PDF password recovery method?
Mode 10400 key-space search: guaranteed in 60-90 minutes on single GPU, 8-12 minutes on 8-GPU cluster. For modes 10500-10700 with common passwords: dictionary attack completes in seconds to hours.
Why does my PDF recovery take longer than the estimates?
PDF 2.0 documents with increased KDF rounds (100+ SHA-256 rounds instead of 50) reduce hashcat throughput by 25-35%. If your timeline seems slow, check the KDF round count in the encryption dictionary.
Can I speed up PDF password recovery?
More GPUs linearly reduce time. Providing partial password knowledge (mask constraints, known characters) reduces the search space exponentially. Using targeted dictionaries (custom wordlists relevant to the password context) catches more patterns.
How long does mode 10700 (AES-256) recovery take for an 8-character password?
8-char lowercase: 8.4 days on 8-GPU cluster. 8-char alphanumeric: 117 days on 8-GPU cluster. 8-char full ASCII: infeasible (centuries). Most 8-char human-chosen passwords are found in the dictionary phase in under an hour.
Is CPU-only PDF recovery practical?
Only for mode 10400 (40-bit RC4): 4-8 hours on modern CPU. For modes 10500-10700, CPU is ~100x slower than GPU — a 2-day GPU job becomes 200 days on CPU.
Does the free analysis affect the timeline?
The free analysis runs fast tests (dictionary, common patterns) and completes within seconds to minutes. If successful, your total recovery time is just the free analysis time. The paid phase with GPU-intensive mask attacks only starts if free analysis fails.

Have a forgotten-password PDF to recover?

Run a free analysis — encryption type detected automatically, fast techniques tried first, pay only on success.

Run Free Analysis

Related Reading

PDF Password Length vs Crack TimePDF Encryption Standards ExplainedPDF AES-256 Recovery (mode 10700)40-bit PDF Recovery