Password protect a PDF — what encryption can and can't actually stop

The short version

1. There are two passwords in PDF: the user password (needed to open the file — the real protection) and the owner password (also called permissions password — controls printing, copying, editing — trivially bypassed).
2. Use AES-256. That's PDF 2.0 / Acrobat X and later. AES-128 is fine for most work. RC4-40 (the Acrobat 4 default) is broken; don't use it.
3. Pick a real password. 12+ characters, random, from a password manager. Your dog's name is not a password.
4. Send it separately. Email the PDF, text the password (or vice versa). Never in the same channel — that defeats the whole point.
5. Password ≠ DRM. Anyone who can open the file can screenshot it, print it, or OCR it. If it can't be copied at all, it can't be sent to anyone who would read it.

The two passwords, explained

User password (document open password)

The one that matters. When set, the entire content stream of the PDF is encrypted with a key derived from your password. Without the password, the file is a blob — viewers can't render it, extractors can't extract, OCR can't OCR. This is real protection. It's the only PDF password feature with mathematical backing, and it's the one to use for tax returns, contracts, medical records, or anything you wouldn't post to a public URL.

Owner password (permissions password)

The one that sounds useful and mostly isn't. You can set it without a user password; the PDF opens for anyone, but a flag tells honest viewers "don't let the reader print, copy text, or edit." Emphasis on honest — the permissions live inside the file, not outside it. Any tool that ignores the flag (pdftk, qpdf, half the online sites, and a one-line Python script) unlocks all permissions in a second. Acrobat and Preview respect owner passwords; Chrome, Firefox, and countless third-party viewers quietly don't.

Worked example: set an owner password with "disable printing" on a PDF. Email it to someone. They open it in Chrome's built-in PDF viewer, which doesn't enforce owner passwords — print works normally. Or they run qpdf --decrypt with no password provided (because the user password is empty). The file opens. Permissions flags are advisory only. Don't rely on them for anything you care about.

Encryption strength — which to choose

PDF has gone through four cipher generations. Which one your tool uses depends on the "compatibility" setting you pick:

• RC4 40-bit (Acrobat 3.0 & 4.0 compatible). Broken since 2003. Crackable on a laptop in minutes. Never use it.
• RC4 128-bit (Acrobat 5.0 / 6.0). Stronger than 40-bit but RC4 is deprecated. Avoid if you have the choice.
• AES-128 (Acrobat 7.0 and later). Modern, standard, fine for most work. Compatible with every PDF viewer from 2005 onward.
• AES-256 (Acrobat X+, 2010 and later). The one to use for sensitive material. PDF 2.0 standard; every current reader handles it. If your tool offers it, pick it.

AES-256 with a 16-character random password and you're done — the PDF will outlast any reasonable brute-force attempt for the next several decades. AES-128 with a 12-character random password is also fine for normal-sensitive content (personal records, contracts). Weak passwords undo either.

One caveat: if your recipient is on a museum-grade old Acrobat Reader 7 or 8, AES-256 won't open. In 2026 this is rare enough to ignore; if your counterparty warns you, fall back to AES-128.

Which viewers respect which password?

This matrix is the honest state of play in 2026. User password (open) is universally respected — the file literally can't be decrypted without it. Owner password (permissions) is honored by some viewers and ignored by others, which means "disable printing" is a suggestion, not a barrier.

The takeaway: user passwords are real — every viewer above blocks access without them. Owner password permissions are performance theater in five of the eight listed viewers. Chrome's built-in PDF viewer, which is what most recipients on Windows, Mac, and Android actually use, honors neither print nor copy restrictions — it reads the encrypted file, decrypts with the user password (if any), and then ignores the owner flags.

What password-protection cannot prevent

Even perfect AES-256 with a 30-character random user password doesn't stop any of these once your recipient opens the PDF:

• Screen capture. Alt+PrtSc, Cmd+Shift+4, the phone next to the laptop. Takes 2 seconds.
• OCR the screenshot. Run our OCR pipeline on the screenshot and the text is back in a Word doc.
• Print to PDF. Open with the user password, print to PDF (built into Windows, macOS, iOS, Android). New PDF, no password, identical contents.
• Export to a different format. Once open, PDF → Word, PDF → JPG, copy-paste. All work.
• "Can you just send me a picture." The recipient takes a photo of the screen and texts it. No tool on Earth stops this.
• Forwarding the file. You send password-protected PDF to Alice; Alice sends the file and the password to Bob. The PDF can't tell.
• DRM overlays. Various tools claim "DRM for PDF"— Vitrium, Locklizard, FileOpen. They add a wrapper format that only opens in a custom viewer, which beats the threat model somewhat but introduces massive friction and is still defeated by the screenshot-of-screen camera. These aren't PDF; they're proprietary containers.

The honest summary: password-protection stops unintendedaccess (the laptop someone lost, the email to the wrong address, the document left on a shared drive). It does notstop determined access by someone you've already shared with. If the content is so sensitive you don't want anyone to see it, don't share it. If it's sensitive-enough-to-care, password-protect with AES-256 and move on.

How to password-protect a PDF — free tools that work today

macOS Preview (free, built-in)

1. Open the PDF in Preview.
2. File → Export.
3. Check "Encrypt", enter a user password.
4. Save. Preview uses AES-128.

Fastest free option on Mac. Limitation: Preview sets a user password only; no owner-password / permissions controls. That's arguably a feature given the matrix above.

Adobe Acrobat Reader (free, File → Protect with Password)

1. Open the PDF in Acrobat Reader DC (free).
2. File → Protect with Password.
3. Choose "Viewing" (= user password) or "Editing" (= owner password).
4. Enter a strong password. Reader uses AES-128 by default; Acrobat Pro lets you pick AES-256.

qpdf (free, CLI, cross-platform)

For batch or scriptable workflows. Install via brew install qpdf / apt install qpdf / choco install qpdf.

qpdf --encrypt USER_PW OWNER_PW 256 -- input.pdf output.pdf

256 = AES-256 key length. Different from any online tool: you never upload the file.

Microsoft Word (free with 365, save-as with password)

If your source is a DOCX, set the password at export time. File → Save As → PDF → Options → check "Encrypt the document with a password". Word uses AES-128. Works offline.

iOS / Android — Files or Adobe Scan app

iOS Files app lock PDF: long-press a PDF → Lock PDF → set password. AES-128. Android: Adobe Scan → Settings → Set Document Password. Both work offline.

When to password-protect vs when not to share

Password-protection is the right move for:

• Tax returns, W-2s, 1099s before emailing your accountant
• Bank statements to a loan officer
• Medical records, lab results, x-ray reports
• Signed contracts, offer letters, severance agreements
• Child support / custody / divorce documents
• NDAs and anything marked "confidential" that still needs to go to someone
• Backups of personal documents stored on cloud drives you don't fully trust

Password-protection is the wrong move (use a different channel, or don't share) for:

• Anything that must remain secret after it's been read once — password-protection doesn't unread a document.
• Content you want to show but not let anyone keep. "DRM" for PDF is a fiction (see above). Don't.
• Content the recipient will definitely share — the password goes with the file.
• Compliance-regulated data where the regulator specifies a platform (HIPAA portals, SFTP, encrypted email). Follow the spec, not a DIY password.

Sharing the password — the right channel

The biggest operational security mistake with password-protected PDFs: emailing the PDF and the password in the same thread. If the email account is compromised, both are gone.

Practical rules:

• Different channel. Email the PDF, text the password. Or vice versa. Also works: email the file, phone-call the password.
• Signal / iMessage / WhatsApp for the password rather than SMS if it's actually sensitive — they're end-to-end encrypted; SMS is not.
• Password manager share link (1Password, Bitwarden, Proton Pass) if you do this often. The recipient gets a one-time link that expires.
• Memorable password over the phone if your recipient is the non-technical-parent demographic. Pick something dictation-friendly: "ninety-two, capital Bravo, dollar sign, ninety-two."
• Never put the password in the same message as the attachment, in the filename, in the email subject, or in a PDF annotation on the file itself. We've all seen all four.

Removing a password (when you have it)

You have the PDF and the password and need an unlocked copy — to compress, to merge, to OCR, to email to someone else:

1. Preview (Mac): open with the password, File → Export, uncheck Encrypt, save.
2. Acrobat: open with password, File → Properties → Security → Security Method: No Security.
3. qpdf: qpdf --decrypt --password=YOURPW input.pdf output.pdf.
4. Chrome / Firefox: open with password, File → Print → Save as PDF. The new PDF has no password.

Once unlocked, you can run any of our live tools: compress the PDF, merge multiple PDFs, or split by pages. Most conversion and compression tools (including ours) can't process an encrypted PDF — the content streams are opaque — so the unlock step is non-optional.

Honest compare — the password-protect tools

Honest picks: Mac users, Preview. Windows users with a single file, Acrobat Reader (free). Anyone doing this weekly or with sensitive files, qpdf — free, local, scriptable, AES-256. Uploads-to-cloud tools for non-sensitive material only.

Common questions

Can the government / police / a hacker break a password-protected PDF?

AES-256 with a strong random password: no, not in any reasonable timeframe. AES-128 with a strong password: also no. AES-128 with a guessable password (dictionary words, common patterns): yes, modern GPU clusters crack 10 million passwords/sec. RC4-40: yes, in minutes. The cipher matters; the password matters more.

What's a "strong" PDF password?

16+ characters, random, from a password manager. Not "Password2026!" — every cracking rulebook has that pattern. Three random dictionary words joined ("correct horse battery staple" style) at 20+ characters is also fine. Length matters more than punctuation gymnastics.

Can I password-protect a PDF on my phone?

Yes. iOS Files app has a built-in Lock PDF; Android: Adobe Scan or Acrobat Reader for Android. Both use AES-128 and run on-device. For one-offs, no need for a desktop.

Why won't Chrome let me print this password-protected PDF?

Sometimes it will — Chrome often ignores owner-password print restrictions. If it's blocking you, the PDF has a user password AND you haven't entered it, or Chrome is a recent build that chose to honor the owner flag. Open in Acrobat Reader instead, or remove the owner password with a free unlock tool (if you have the password).

Can I password-protect specific pages, not the whole PDF?

Not in the PDF spec — encryption is file-level. Workaround: split the PDF into the sensitive pages and the public pages, password-protect only the sensitive split, and share them as separate files.

Is AES-256 overkill for my tax return?

No. The "overhead" of AES-256 over AES-128 is imperceptible — millionths of a second per page. AES-256 is standard on every PDF reader made since 2010. Pick it if your tool offers it.

What's the difference between password-protecting and encrypting a PDF?

They're the same thing in PDF. When you set a user password, the file is encrypted with a key derived from the password. There's no other "encryption" layer in standard PDF. Third-party DRM wrappers (Vitrium, Locklizard) are a separate category — they're proprietary containers, not PDFs.

Can I convert a password-protected PDF to Word or Excel?

Not without removing the password first. Extraction tools can't read encrypted content streams. See our PDF to Excel guide and OCR guide — both require an unlocked PDF. Unlock, convert, re-protect if needed.

Ready?

Our in-browser PDF password tool is on the roadmap — it'll run locally via WASM so nothing uploads. Until then: macOS Preview on Mac, Acrobat Reader free on Windows, qpdf for scripting anywhere. Pick a 16-character random password from your password manager, share it in a different channel, and pick AES-256 if offered. And while you're here: our live PDF compressor, merger, and splitter are free, run in-browser, no signup.