Add real password protection to a PDF without uploading it anywhere
A lot of “free PDF password” tools online either upload your document to a server or fake the protection with something a determined user can strip away in seconds. DocZap's Protect PDF tool does neither. It applies genuine, industry-standard AES-256 encryption using QPDF — the same open-source engine trusted by professional document tooling — compiled to WebAssembly so it runs entirely inside your browser tab.
Two passwords, two purposes
PDF encryption supports two independent passwords. The owner password is always required and controls what a reader is allowed to do with the file — print it, copy text out of it, or edit it. The open passwordis optional: set it if you want the file to require a password just to view it at all, or leave it blank if you're fine with anyone opening the file but want to restrict what they can do with it once it's open.
Why WebAssembly encryption keeps your document private
Encrypting a document usually means uploading the unencrypted original to whatever service is doing the encrypting — which is a strange tradeoff for a privacy tool. DocZap avoids that paradox entirely: QPDF runs as a WebAssembly module directly in your browser, so both your original file and the passwords you choose stay on your device the whole time. The only thing that ever leaves your browser is the file you explicitly choose to download.
Common reasons to password-protect a PDF
People protect PDFs before emailing tax documents, sharing HR paperwork with sensitive personal information, sending financial statements to an accountant, or distributing internal reports that shouldn't be edited or reprinted without permission. Because DocZap runs entirely client-side, you can protect as many documents as you need without any usage limits.
Choosing passwords that actually protect your file
Encryption strength only matters as much as the password behind it — AES-256 protects the data itself, but a short or guessable password is still the weakest link. Aim for at least eight to twelve characters mixing letters, numbers, and symbols rather than a single common word, and avoid reusing a password from another account for a document that needs real protection. Since DocZap doesn't store or transmit your passwords anywhere, there's also no “forgot password” recovery option later — save it in a password manager or somewhere secure before you close the tab, since losing it means losing access to the encrypted file for good.
Because encryption runs through a genuine WebAssembly build of QPDF rather than a simplified reimplementation, the resulting file follows the same PDF encryption standard used across the industry, so it opens correctly in any compliant reader that supports password-protected PDFs without any compatibility surprises down the line.
Need to remove a password instead? Check out DocZap's Unlock PDF tool below, along with other tools to compress or merge your files.