Free · Private · Client-side

Protect PDF with a Password

Add real AES-256 encryption and control printing, copying, and editing permissions — computed entirely in your browser.

Your files never leave your device. DocZap processes everything locally in your browser.

Drop your PDF here or click to browse

Select a PDF to add real AES-256 password protection

Three steps

How to use the Protect PDF tool

  1. 01

    Upload your PDF

    Drop in the document you want to lock down.

  2. 02

    Set passwords and permissions

    Choose an owner password, an optional open password, and what actions to allow.

  3. 03

    Download the encrypted file

    Get a genuinely AES-256 encrypted PDF, ready to share securely.

Add real password protection to a PDF without uploading it anywhere

A lot of “free PDF password” tools online either upload your document to a server or fake the protection with something a determined user can strip away in seconds. DocZap's Protect PDF tool does neither. It applies genuine, industry-standard AES-256 encryption using QPDF — the same open-source engine trusted by professional document tooling — compiled to WebAssembly so it runs entirely inside your browser tab.

Two passwords, two purposes

PDF encryption supports two independent passwords. The owner password is always required and controls what a reader is allowed to do with the file — print it, copy text out of it, or edit it. The open passwordis optional: set it if you want the file to require a password just to view it at all, or leave it blank if you're fine with anyone opening the file but want to restrict what they can do with it once it's open.

Why WebAssembly encryption keeps your document private

Encrypting a document usually means uploading the unencrypted original to whatever service is doing the encrypting — which is a strange tradeoff for a privacy tool. DocZap avoids that paradox entirely: QPDF runs as a WebAssembly module directly in your browser, so both your original file and the passwords you choose stay on your device the whole time. The only thing that ever leaves your browser is the file you explicitly choose to download.

Common reasons to password-protect a PDF

People protect PDFs before emailing tax documents, sharing HR paperwork with sensitive personal information, sending financial statements to an accountant, or distributing internal reports that shouldn't be edited or reprinted without permission. Because DocZap runs entirely client-side, you can protect as many documents as you need without any usage limits.

Choosing passwords that actually protect your file

Encryption strength only matters as much as the password behind it — AES-256 protects the data itself, but a short or guessable password is still the weakest link. Aim for at least eight to twelve characters mixing letters, numbers, and symbols rather than a single common word, and avoid reusing a password from another account for a document that needs real protection. Since DocZap doesn't store or transmit your passwords anywhere, there's also no “forgot password” recovery option later — save it in a password manager or somewhere secure before you close the tab, since losing it means losing access to the encrypted file for good.

Because encryption runs through a genuine WebAssembly build of QPDF rather than a simplified reimplementation, the resulting file follows the same PDF encryption standard used across the industry, so it opens correctly in any compliant reader that supports password-protected PDFs without any compatibility surprises down the line.

Need to remove a password instead? Check out DocZap's Unlock PDF tool below, along with other tools to compress or merge your files.

FAQ

Frequently asked questions

Is this real encryption, or just a fake lock screen?+

It's real. DocZap uses QPDF — a mature, widely-trusted open-source PDF library compiled to WebAssembly — to apply genuine AES-256 encryption, the same standard used by professional PDF software.

What's the difference between the owner password and the open password?+

The owner password controls permissions like printing and editing and is always required. The open password, if set, is required just to view the file at all — leave it blank if anyone should be able to open the file but not change its permissions.

Is my PDF uploaded anywhere to encrypt it?+

No. The entire encryption process runs inside a WebAssembly module in your browser. Your file and your passwords never leave your device.

Can I control what people are allowed to do with the protected file?+

Yes. Toggle whether printing, copying text/images, and editing are allowed — these permissions are enforced by any standards-compliant PDF reader.

What happens if I forget the password?+

DocZap doesn't store your passwords anywhere, so there's no way to recover a forgotten password. Make sure to save it somewhere safe before closing the tab.

Will the protected PDF work in Adobe Acrobat and other readers?+

Yes. AES-256 encryption via QPDF follows the standard PDF encryption specification, so protected files open correctly in Adobe Acrobat, Preview, browser PDF viewers, and other compliant software.

Keep zapping