PDF Password Protect

Add password protection to PDF files to prevent unauthorized access. Set open and permissions passwords.

🔒

Click or drag a PDF file here

PDF files only

How to use PDF Password Protect

1

Upload Your PDF File

Click the blue 'Choose File' button in the center of the page. Select your PDF from your computer. The file will appear in the upload area showing the filename and file size.

2

Set Your Password Protection

Enter an 'Open Password' (required) to prevent opening the PDF. Optionally enter a 'Permissions Password' in the second field to restrict printing, copying, and editing. Both fields accept alphanumeric characters and special symbols up to 32 characters.

3

Configure Permission Settings

Check boxes next to 'Disable Printing', 'Disable Copying', and 'Disable Editing' under the Permissions Password field. These restrictions only apply if you set a permissions password. Leave unchecked to allow unrestricted access after opening.

4

Process and Download Protected PDF

Click the green 'Protect PDF' button. Processing takes 2-5 seconds depending on file size. Click the 'Download' link that appears below to save your password-protected PDF to your device.

Related Tools

How to password protect a PDF free online, no upload needed

How to password protect a PDF free online, no upload needed

Need to lock a PDF with a password before sending it? Use ToolHQ's free PDF password protect tool to encrypt any PDF right in your browser, without uploading it anywhere.

ToolHQ's PDF password protect tool is a free browser-based tool that adds password protection and AES encryption to any PDF file entirely on your device -- your file never leaves your browser.

Sensitive documents -- contracts, financial statements, personal records, medical forms -- should not travel through the internet as open files. Encrypting a PDF before emailing it is the simplest way to control who can open it.

Key Takeaways

  • Your PDF is encrypted entirely in your browser -- it is never uploaded to any server
  • Uses 128-bit AES encryption, a NIST-standardized algorithm protecting trillions of files worldwide
  • The password you set is never transmitted anywhere -- only you know it
  • Free with no login, no watermarks, and no file size restrictions displayed
  • The encrypted PDF looks identical to the original -- only the access changes

How PDF password protection works

PDF password protection uses symmetric encryption to lock the file content. When you set a password, the PDF file is encrypted so that a PDF reader (Acrobat, Preview, browser PDF viewers) requires the correct password before displaying the content.

The ISO 32000 PDF standard supports two types of password protection:

  1. User password (open password): Required to open the file at all. Without it, the PDF cannot be read.
  2. Owner password (permissions password): Controls whether the PDF can be printed, copied, or edited, even after it's opened.

ToolHQ's tool sets a user password using AES (Advanced Encryption Standard) at 128-bit key length. According to NIST's documentation on AES, AES-128 was standardized in 2001 as FIPS 197 and is considered secure for protecting sensitive information. A brute-force attack against a well-chosen 128-bit AES password would take longer than the current age of the universe to complete.

According to the Wikipedia article on AES, AES has been adopted worldwide as the standard for symmetric encryption and is used in everything from HTTPS traffic to government classified data. Applying it to a PDF file means the document content is mathematically scrambled and can only be unscrambled with the correct key.

Your file never leaves your device at any point. The encryption happens using cryptography libraries built into modern browsers. No server ever sees your document or your password.

PDF encryption levels explained

PDF encryption has evolved over time. The version of encryption applied to a PDF file determines how difficult it is to crack, and older levels are now considered insecure.

40-bit RC4 (PDF 1.1-1.3). This is the original PDF encryption method, introduced in 1993. 40-bit encryption was considered adequate in the 1990s, but a 40-bit key space can be exhausted in seconds by modern hardware. Any PDF encrypted with 40-bit RC4 should be treated as unprotected by current standards.

128-bit RC4 (PDF 1.4-1.5). An improvement over 40-bit, 128-bit RC4 is stronger but the RC4 cipher itself has known vulnerabilities that make it less reliable than AES. It was deprecated in PDF 2.0.

128-bit AES (PDF 1.6+). The first AES-based PDF encryption, introduced around 2004. AES (Advanced Encryption Standard) is a block cipher standardized by NIST (Federal Information Processing Standards Publication 197) and is computationally secure against brute-force attacks at 128-bit key length. ToolHQ uses this standard.

256-bit AES (PDF 1.7 extension / PDF 2.0). The current recommended standard, adopted in Adobe Acrobat 9 and codified in ISO 32000-2 (PDF 2.0). 256-bit AES doubles the key length compared to 128-bit, making it even more resistant to theoretical future attacks. If your application or recipient requires maximum security, choose a tool that supports 256-bit AES explicitly.

For most practical purposes -- protecting personal documents, financial records, and business correspondence from casual or opportunistic access -- 128-bit AES is more than sufficient. The realistic threat is not cryptanalysis against AES; it is using a weak, guessable password that a dictionary attack can crack in minutes regardless of the encryption strength underneath.


When you should password protect a PDF

Not every PDF needs a password, but sensitive documents always do.

Mini-story: Sandra is a 45-year-old financial advisor who sends clients their annual investment summary as a PDF via email. These reports contain account numbers, balances, and portfolio allocations. She started password protecting each report using ToolHQ's tool before emailing. She sends the encrypted PDF in the email and texts the password separately. Even if the email is intercepted or forwarded accidentally, the PDF is useless without the password. The entire encryption step takes her about 15 seconds per file.

Situations where PDF password protection is the right move:

  • Sharing legal documents, contracts, or NDAs via email
  • Sending tax documents, pay stubs, or financial statements
  • Distributing medical records or insurance documents
  • Protecting internally sensitive business reports
  • Sending passport copies or ID scans for verification purposes
  • Sharing academic research before publication

Password protect your PDF at ToolHQ


How to password protect a PDF

  1. Open ToolHQ's PDF password protect tool in your browser.
  2. Upload your PDF by dragging it onto the tool or clicking to browse and select your file.
  3. Enter a password. Choose a strong password -- at least 12 characters, mixing letters, numbers, and symbols.
  4. Confirm the password by entering it again.
  5. Click Encrypt (or "Protect PDF").
  6. Download the protected PDF. The downloaded file requires your password to open.

Share the password with your intended recipient through a separate channel (text message, phone call, or a different messaging platform) -- never in the same email as the PDF.


Tips for strong PDF passwords

The encryption is only as strong as your password. AES-128 itself is unbreakable by any known attack, but a weak password can be cracked quickly through dictionary or pattern attacks.

Strong PDF password guidelines:

  • At least 12 characters
  • Mix uppercase and lowercase letters, numbers, and special characters
  • Avoid names, birthdays, dictionary words, or keyboard patterns (like "qwerty123")
  • Don't reuse passwords you use for accounts

What not to do: Using the recipient's name or a simple number like "123456" as the PDF password defeats the purpose of encryption. A brute-force tool can crack a 6-character numeric password in seconds.

Mini-story: Daniel, a 52-year-old HR director, sent an employee contract with the password "HR2024" -- which he mentioned in the email subject line by accident. He caught the mistake before anyone exploited it, re-encrypted the file with a random 14-character password, and sent it again. He now uses a password manager to generate random passwords for document encryption, sharing them via SMS separately from the document.

For generating strong random passwords, use ToolHQ's password generator to create a secure password before setting it on your PDF. After protecting your document, you can compress it with ToolHQ's PDF compressor if needed. Browse all PDF tools in the ToolHQ PDF category.


Frequently asked questions

Is my PDF uploaded to a server during encryption?

No. ToolHQ's PDF password protect tool processes your file entirely in your browser using local cryptography. Your file is never uploaded to any server. Your file never leaves your device.

What happens if I forget the password?

If you forget the password, the PDF cannot be recovered without the original unencrypted file. There is no "reset password" option -- the encryption is real. Always keep a record of the password in a secure location.

Can password-protected PDFs be cracked?

A PDF protected with AES-128 and a strong random password is effectively uncrackable with current technology. Short or common passwords can be cracked by dictionary attacks. Use a password of 12+ random characters.

Can I prevent someone from copying text or printing my PDF?

This requires an owner/permissions password (also called a restrictions password), which is separate from the open password. The ISO 32000 PDF standard allows locking specific permissions: printing, copying text, editing content, filling in forms, adding annotations, or extracting pages. When an owner password is set, recipients can still open and read the PDF, but the restricted actions are blocked by their PDF viewer. Note that PDF permissions rely on the PDF reader to enforce them and are not as cryptographically strong as the open password. Determined users with PDF tools can sometimes bypass permissions restrictions, so this is a deterrent rather than a guarantee.

Can I remove the password later?

Yes. Open the protected PDF in any PDF reader, enter the password, and then re-save it without password protection. Or use a PDF unlock tool to remove the password if you have the correct credentials.

Does this work on mobile browsers?

Yes. ToolHQ's tool is browser-based and works on modern mobile browsers (Safari on iOS, Chrome on Android) as well as desktop browsers.


The short version

Password protecting a PDF before sharing it is one of the simplest security habits you can build. ToolHQ's PDF password protect tool applies AES-128 encryption directly in your browser. Your file is never uploaded, and your password is never transmitted. The whole process takes under a minute.

Your file never leaves your device at any point.

For strong passwords to protect your files, use ToolHQ's password generator. For other PDF tasks, browse the ToolHQ PDF category or try the PDF compressor to reduce file size before sending.

Password protect your PDF now