Arthize.pdf
Start free

security

How to password-protect and encrypt a PDF (the right way)

JAJonas Albrecht7 min read
Arthize guide cover — how to password-protect a PDF

The short version

  • A PDF has two passwords: a user/open password (stops reading) and an owner/permissions password (limits editing/printing).
  • For real confidentiality you need the user/open password — owner-only 'protection' is trivially bypassed.
  • Modern PDF encryption is AES-256; its only weakness is a weak password, so use a long unique passphrase.
  • Never send the password in the same email as the file, and remember encryption is not redaction.

A password on a PDF isn't a "please don't peek" note — done right, it's genuine AES encryption, the same family of math that protects your bank login. The catch is that "protect this PDF" can mean two completely different things, and picking the wrong one is why people either can't open their own file or think it's locked when it isn't.

A PDF has two kinds of password

This is the part nobody explains, and it's the whole ballgame:

  • User password (open password). Without it, the file won't open at all. The contents are encrypted; no password, no document. This is the one you want for genuinely confidential files.
  • Owner password (permissions password). The file opens freely, but editing, printing, or copying text is restricted unless you have this password. It controls what people can do, not whether they can read.

What "encrypted" really means here

Modern PDF encryption uses AES-256. When you set an open password, the document's contents are mathematically scrambled and the password is what derives the key to unscramble them. There's no secret backdoor and no "recover my PDF password" button that isn't really a brute-force guesser. That's the point: a strong, unique password genuinely protects the file — and a weak one ("1234") genuinely doesn't, because guessing is the only attack and short passwords are quick to guess.

How to password-protect a PDF

  1. Open the add-password tool and load your file.
  2. Set a user/open password if the goal is confidentiality. Use a long, unique passphrase — not the recipient's last name.
  3. Optionally add an owner password and restrict printing/copying if you also want to limit actions.
  4. Export the protected file. Test it: close it, reopen it, confirm it demands the password.

The part people get wrong: sharing the password

Encryption is pointless if you email the password in the same thread as the file. Send the document one way (email) and the password another (a text, a call, a separate app). Otherwise anyone who reads the email has both halves. This single habit defeats more "secured" PDFs than any cryptographic weakness.

A password is not redaction

Encrypting a file protects it from outsiders — but anyone with the password sees everything in it. If a document needs to be shared with some content permanently hidden from everyone, that's a different job: redaction, which removes the sensitive content entirely. Lock a file to control who opens it; redact a file to control what's inside it.

Removing a password you own

Once a file is unlocked on your machine, you can remove its password to make it easier to work with — for example before merging it with others. You need the existing password to do this; a legitimate tool won't strip protection off a file you can't already open. After editing, re-apply protection before it leaves your hands.

Where you encrypt matters too

Here's the irony of free "protect PDF online" sites: to add the password, they upload your unprotected file to their server first. For a brief moment your sensitive document sits there in the clear — the exact situation you were trying to prevent. We add and remove protection inside the same private workspace as the rest of Arthize, so the unprotected version never tours someone else's hardware. For the bigger picture on that risk, see what happens when you upload a PDF to a free tool.

Encryption is one third of the "security" leg of the PDF workflow guide — the other two being redaction and signatures.

Frequently asked

What's the difference between a user password and an owner password on a PDF?
A user (open) password is required to open and read the file — without it the contents stay encrypted. An owner (permissions) password lets the file open freely but restricts editing, printing, or copying. For confidentiality you need the user password.
How strong is PDF encryption?
Modern PDFs use AES-256, which is genuinely strong. The only practical attack is guessing the password, so the protection is only as good as the passphrase you choose.
Is a password the same as redacting a PDF?
No. A password controls who can open the file; everyone with the password sees all of it. Redaction permanently removes specific sensitive content from inside the document.
How do I unlock a PDF or remove its password?
If you know the password, run the remove-password tool: enter it once and the tool writes out a copy with no encryption, so it opens freely afterward. That's the usual fix when another app refuses to merge or edit a protected file. There's no legitimate way to unlock a PDF whose password you don't have — that's the encryption doing its job.
JA

Jonas Albrecht

Co-founder & security lead, Arthize

Jonas started Arthize with Maya after one too many contracts got uploaded to free PDF sites at his old job. He focuses on the parts of a document people assume are safe and usually aren't — encryption, true redaction, and what servers quietly keep.

Keep reading

Arthize guide cover — how to redact a PDF

Security

How to Redact a PDF So the Hidden Text Stays Hidden

Arthize guide cover — PDF privacy and free online tools

Security

What Happens When You Upload a PDF to a Free Online Tool

Arthize guide cover — working with PDFs in 2026

Pillar

Working With PDFs in 2026: The Practical Guide

Try the tool, not just the theory.

Every technique in this guide runs inside one private Arthize workspace — no upload sites, no trackers.

Start free →