Free PDF tool

Password-Protect a PDF

Encrypt a PDF with a password and optional permission limits (print, copy, edit). AES-128 or AES-256 encryption runs entirely in your browser using a WebAssembly build of MuPDF — the file is never uploaded.

AES-128 or AES-256Open passwordPermission limits100% in browser

Protect PDF

Upload a PDF, set a password and limits, then encrypt.

Drop a PDF here or click to uploadPDF only.

Open passwordConfirm password

Show passwords

Advanced: owner password and permission limits

Owner password (optional)Holders of the owner password can change permissions; everyone else is restricted by the limits below.

Permissions allowed for readers

Print Copy text and images Modify content Add annotations Fill form fields Reorder, insert, delete pages

Encryption

Encryption runs locally with a WebAssembly build of MuPDF (~10 MB lazy-loaded the first time). The PDF and password never leave your device.

What the password controls

Open password

Anyone opening the PDF must type this password. Without it, the document does not display at all. Required for true confidentiality.

Owner password & permission limits

The owner password is what lets you change permissions later. Permission limits restrict printing, copying, editing, annotating, form filling, or page reordering for everyone who opens the file with the open password.

How to password-protect a PDF

01
Upload your PDF
Drop the PDF onto the upload area.
02
Pick a password
Type the open password twice. Optionally set an owner password and tick which permissions readers keep.
03
Encrypt and download
The PDF is re-saved with AES encryption and the new password.

Common use cases

Confidential client deliverables

Send a deliverable that only opens after the client types a shared password.

Financial and medical records

Protect bank statements, tax forms, and medical reports before emailing or sharing in cloud drives.

Restrict printing

Allow reading on screen but prevent paper copies of a preview or sample document.

Restrict copying

Keep proprietary text from being copy-pasted out of a PDF without making it unreadable.

Form distribution

Allow form filling but prevent editing the form fields or page structure.

Cross-org sharing

Add a password layer for documents that travel through email or shared drives where access is hard to control.

Protect PDF FAQ

Is the PDF or password uploaded?

No. Encryption runs entirely in your browser using a WebAssembly build of MuPDF. The PDF and password never leave your device.

Which encryption is used?

AES-256 by default, with AES-128 available as a fallback for compatibility with older PDF viewers. Both are real PDF-spec encryption, not just visual restrictions.

Why does the first encryption take longer?

The MuPDF WebAssembly module (~10 MB) downloads on first use and is cached. Subsequent encryptions are fast.

Can a permission lock alone block opening?

No. Permission limits only matter when an open password is also set. Without one, anyone can open the PDF and any compliant viewer may ignore the permission flags.

How strong is the password protection?

AES-256 with a long, random password is robust against brute force. Short or guessable passwords are weak no matter the algorithm. Use a password manager to generate and store the password.

Can I share the protected PDF as a link?

Yes. After download, upload it to PDFtoLink for an instant shareable URL. You can also add a separate link-level password for double protection.