You encrypted the offer letter. Strong password, AES-256, the works. Then you sent both the file and the password in the same email so the recipient could open it. The lock is decorative.
Distribution discipline is the part most people skip.
The cardinal rule: separate channels
If the file goes by email, the password goes by text, Signal, WhatsApp or a phone call. If the file goes via a secure portal, the password goes via your password manager's secure-send. If the file is on a USB stick handed across a desk, the password is on a slip of paper, not stuck to the stick.
The goal is that no single interception gets both halves.
Use a password manager's secure send
1Password, Bitwarden and Dashlane all offer one-time links that reveal a password and then self-destruct. Generate a passphrase, drop it into a secure send, and email the recipient the link. The link can be set to expire in hours or days, and you'll see if it was opened.
For recipients without a password manager, a quick text remains the simplest backup.
Don't reuse passwords across recipients
If three clients all received this month's report locked with the same password, one leak compromises every copy. Generate a unique passphrase per recipient. The marginal effort is tiny; the marginal safety is significant.
Keep a small ledger — in a password manager — of who has which password for which document. Useful for revocation later.
Plan the revoke step
Most documents have a useful lifetime — quarter end, project sign-off, contract execution. Past that, the password should be retired. For PDFs you control, re-encrypt with a new password once the legitimate window has closed and notify the original recipients of the new key.
For PDFs already out in the wild, you can't claw them back — which is why you don't include the password in the same email.
FAQ
Is texting the password really secure?
More secure than the same email. SMS is unencrypted in transit but is a different channel; Signal and iMessage are end-to-end encrypted, which is better.
What if the recipient asks me to email both?
Push back. The whole point of the password is undone otherwise. Send the file by email, the password by text — it's a five-second extra step.
Can I put the password in the email subject line?
No. Subject lines are even more widely indexed than bodies. Don't put any credential in any part of any email.
What about hint questions?
Avoid. Hints leak structure. Either share the password directly via a different channel or use a secure-send link.
Encryption + sloppy sharing = no encryption. Lock the file and route the password elsewhere.