How to Password Protect a PDF File
Last updated
Plenty of documents shouldn't travel as plain PDFs: payroll slips, signed contracts, ID scans, NDA copies, medical records, financial statements. A password and proper encryption turn the file into something only the intended recipient can open — even if the email is forwarded, intercepted, or sits forever in a corporate mailbox.
This guide walks through adding password protection to a PDF using the PDF Editor app on iPhone or Android. It also covers what to avoid: weak passwords, legacy encryption ciphers, and the common mistake of sharing the password in the same channel as the document.
By the end, you'll have a repeatable protection workflow you can apply to sensitive documents in under a minute, with strong AES-256 encryption that's accepted by enterprise security policies.
Step by step
- 1
Open the PDF you want to protect
Import the document into PDF Editor from Files, iCloud Drive, Google Drive, or any sharing app. The whole flow runs locally — your file never leaves the device.
- 2
Tap Protect in the tools menu
Find it under the document tools. Choose 'Password protect' to require a password to open the file, or 'Restrict permissions' for view-only access.
- 3
Pick a strong password
At least 12 characters, mixing letters, numbers, and symbols. Avoid common words and personal details (birthdays, names). Generate one in your password manager if you have one — that's the right move.
- 4
Confirm the password
Re-enter it to avoid typos. Once the file is encrypted, there's no recovery if you've mistyped.
- 5
Choose restrictions (optional)
Allow viewing but block printing, copying text, or extracting pages. Useful when the recipient needs to read the document but you don't want them redistributing chunks of it.
- 6
Save as a new file
Keep the original unprotected version in a safe place — if you ever forget the password, you'll still have access. Save the protected copy with a clearly different name.
- 7
Share the password via a separate channel
Email the encrypted PDF; text or call the password. Never put both in the same email — if the email account is compromised, both are leaked. A small habit that prevents most real-world incidents.
Tips
- AES-256 is the right encryption — the app uses it by default. If a tool offers 'compatible' or 'legacy' encryption, those are typically broken; avoid them.
- Don't reuse the password across multiple documents. If one leaks, you don't want a domino effect.
- If the recipient is non-technical, give them simple instructions: 'You'll need this password to open the file: XYZ' is enough.
- Use a password manager to share passwords securely when possible — most have a 'share' feature that doesn't require both parties to have accounts.
- For very sensitive files (legal, medical, financial), consider 1Password's or Bitwarden's secure-sharing links instead of texting the password.
Try it on your phone
Protecting a PDF runs entirely on-device. Even in airplane mode, you can lock down a contract before sending it the moment you connect again. This matters for travelers handling sensitive documents from a hotel lobby or airport — the protection happens locally, then you only need a connection for the actual send.
