How to Password-Protect a PDF (Encrypt for Email Sharing)
Sharing a sensitive PDF through email or cloud storage means it can sit on third-party servers indefinitely. Password-encrypting it before sending means even if the email is forwarded, intercepted, or breached, the contents stay locked. Here's how to do it free in your browser.
The problem
Your accountant asks you to email a tax return, your doctor wants medical records, or your lawyer needs a signed contract. Putting it in plain text inside an email or Dropbox link is risky — anyone with access to that channel sees the document. Adobe Acrobat encrypts PDFs for $20/month. PDFShed does it free, AES-256 strength, in your browser.
Use the tool now
Open the encrypt pdf tool and follow the steps below.
Step-by-step
- 1
Open the Encrypt PDF tool
Drop your PDF into [Encrypt PDF](/en/tools/encrypt-pdf). The file is processed locally — your sensitive content never leaves your device.
- 2
Choose a strong password
Use 12+ characters mixing upper/lower/numbers/symbols. Don't reuse your email password. Better: generate one with a password manager (1Password, Bitwarden) and share via a separate channel (text, phone call) from the email itself.
- 3
Pick encryption level
AES-256 (default) is the strongest available in PDFs and resistant to brute-force on modern hardware. Leave it on AES-256 unless the recipient's software is ancient (pre-2008 Acrobat).
- 4
Optionally restrict actions
Beyond opening, you can also restrict printing, copying text, or editing. Useful for shared drafts you don't want forwarded with edits.
- 5
Download and share
Save the encrypted PDF. Email it. Send the password through a different channel — phone, SMS, or a secure messenger like Signal — never in the same email.
Pro tips
- •Two-channel security: never put the password in the same email as the file. Send file via email, password via SMS or phone.
- •For repeated recipients, agree on a system once: "passwords for these reports are always last-4-of-EIN + birth-year." Saves the back-and-forth.
- •Modern PDF AES-256 encryption is genuinely uncrackable without the password. Don't lose the password yourself.
- •Some email systems (corporate Outlook, certain spam filters) block encrypted PDFs as "suspicious." Test send to yourself first.
Frequently asked questions
Is PDF encryption strong enough for legal/medical sharing?
AES-256 PDF encryption is the same standard used by US government TOP SECRET documents. It's far stronger than emailing in plain text. Legal and HIPAA-compliant when paired with proper key management.
Can I use the same password for multiple PDFs?
You can, but shouldn't — if one recipient leaks it, all your encrypted PDFs are exposed. Generate a unique password per file, manage them in a password manager.
What if I forget the password?
For PDFs you encrypted yourself, there's no backdoor. AES-256 is computationally infeasible to brute-force. Use your password manager — that's the whole point. Old PDF 1.4 encryption is recoverable with tools like pdfcrack, but no modern format is.
Will the recipient need special software to decrypt?
No. Any modern PDF reader (Adobe Reader, Chrome, Edge, Preview, Foxit) prompts for the password and opens normally once entered.