Password protect PDF
online.

Putting a password on a PDF

The reasons to lock a PDF are usually about deciding who is allowed to open it. A signed contract is going by email through a chain that includes someone's personal phone — anyone who later forwards the message accidentally shouldn't be able to read it. A medical record needs to leave the clinic on a USB stick — if the stick is lost, the file should be unreadable to whoever finds it. A board pack with non-public numbers is being shared with three external advisors — only those three should be able to open it, even if the file is later mistakenly attached to a wider thread. The job here is small and predictable: take a PDF and require a password before anyone can open it.

What you get back is a real encrypted PDF — not a "view-only" wrapper. Every viewer (Adobe Reader, Preview on macOS, Chrome and Edge built-ins, every mobile reader) prompts for the password before showing any page. Without the password, the file is unreadable bytes.

How strong the lock is

Three strength options:

• AES-256 (default). Modern, recommended. The current PDF encryption standard, used by Acrobat for any "high security" preset. Practically uncrackable without the password — brute-forcing a strong password against AES-256 isn't a viable attack on consumer hardware. Choose this unless you have a specific compatibility reason not to.
• AES-128. Older but still strong; defined in PDF 1.7. Use this only if your reader is older than about 2012 and chokes on AES-256.
• RC4 40-bit. Legacy; cryptographically weak — known attacks recover the file in minutes. Only use this if you're working with an integration (industrial scanner, very old archive system) that explicitly requires it. Don't use it for actual confidentiality.

The encryption strength is part of the file format. A reader that doesn't speak AES-256 won't read an AES-256 file at all — it'll show "this PDF can't be opened". That's why the levels exist: not because some are "more secure for important documents" and others "less", but because compatibility scales differently.

How the password works

This tool uses the same password for both the open password (what you need to view the file) and the owner password (what you need to remove the encryption later). That's a deliberate simplification — we keep the UI to one field. PDF technically supports two-tier passwords where viewing requires one and editing requires another, but in practice nearly all real-world locked PDFs use a single password, and the second tier creates more confusion than it solves.

Permissions on the resulting file are set wide open: anyone who can open it can also print, copy text out, fill in forms, and modify it. The lock is about getting in, not about restricting what someone with the password can do once inside. PDF "permission flags" (no-printing, no-copying, etc.) are also a soft control — viewers honour them only by convention, and any unlock tool removes them in seconds. We don't pretend they're a real control, so we don't surface them in this flow.

Choosing a password

The same advice applies as to any password protecting actual data:

• Length matters more than complexity. A 16-character passphrase of common words ("correct horse battery staple") is harder to brute-force than a 9-character mix of symbols. Aim for 4+ words or 16+ characters.
• Don't reuse a password from somewhere else. If the recipient's email gets breached, an attacker who finds your file and your other passwords in one place will try them on this PDF first.
• Send the password through a different channel than the file. File via email, password via signal/SMS/phone call. If the email is intercepted, the password isn't.
• Save it in a password manager. If you forget it, there is no recovery — the file is permanently unreadable. PDF encryption has no "reset by email" path.

What the encrypted file looks like

The contents of the original PDF — text, images, form fields, annotations, bookmarks — are all preserved through encryption. When the recipient opens the file with the password, it looks exactly like the unencrypted source: the same fonts, layout, and selectable text. Nothing is rasterised or rebuilt.

The file size is roughly the same as the source, possibly a few kilobytes larger from the encryption dictionary. Encrypted PDFs cannot be modified by most other tools without unlocking first — that's the point. To re-edit later, run the file through unlock-pdf with the same password.

What survives and what doesn't

• All page content survives. Text, images, fonts, layout, annotations, form fields, bookmarks — preserved exactly.
• Existing digital signatures are invalidated. Encrypting changes the bytes of the file; any signature embedded in it loses its binding. If a signed document needs to be encrypted, the recipient should re-verify with the original signed copy.
• Existing encryption is replaced. If the source PDF was already encrypted (with a known password), this tool removes that and applies new encryption with your password. To do that, the source must be openable — encrypted PDFs whose password isn't known cannot be re-encrypted.
• The original file stays untouched. What you download is a new locked file; the source on your disk is unchanged.

If something looks off

• "Password is required." The password field was empty. Type a password and try again.
• The recipient says "this PDF won't open". Probably an old reader that doesn't speak AES-256. Re-run with AES-128 (or RC4 if it's a really old industrial system).
• "Encrypted PDF can't be modified" error elsewhere. Working as intended. Pass through unlock-pdf with the password first, edit, then re-protect.
• You forgot the password. No recovery. PDF encryption is intentionally one-way without the key. If the source PDF still exists on your disk, re-encrypt with a new password and a password manager.

Practical notes

1. For documents shared once and forgotten, AES-256 with a long random passphrase via your password manager is the right answer. Generate, send file + password through separate channels, archive both in the manager.
2. For documents that get re-shared internally, consider whether a password is the right tool. Inside an organisation, access controls on the storage system (Drive sharing, SharePoint permissions) usually do more useful work — passwords on PDFs floating around inboxes get forgotten, written in subject lines, and lose their point.
3. Print-and-shred is a real adversary. A locked PDF stops digital forwarding but anyone with the password can print and photocopy. If someone needs to read but never own the file, that requires a different system (DRM viewer, screen-only platform).
4. The original file stays untouched. What you download is a new locked file; the source on your disk is unchanged.

What happens to your file

Encryption runs in your browser. The password never leaves this tab — it's used to derive the encryption key locally, and that key encrypts the file in memory. Open DevTools and watch the Network tab during the operation — there are no outbound requests carrying the file content or the password. The PDF stays on your disk; the locked version is a new download alongside it.