Protect a PDF with a password — free

How it works

1. Drop the PDF to protect (max 10 MB on free, 200 MB on Premium).
2. Set a password (4 to 64 characters). Tick the restrictions you want (prevent printing and/or text copy).
3. Click Protect. The resulting PDF will ask for the password on every open and enforce the restrictions.

AES-256 encryption

Protection relies on AES-256 encryption, the industry standard for sensitive documents, compliant with banking and government security requirements. The opening password (user password) and the restrictions are applied in a single pass; the PDF remains compatible with Adobe Reader, macOS Preview, modern browsers (Chrome/Edge/Firefox/Safari) and mobile PDF readers.

The password is used only to derive the encryption key, never stored server-side. Once the protection is applied, only the password holder can open the PDF.

Available restrictions

Prevent printing: the « Print » button is disabled in PDF readers that honor restrictions (Adobe Reader, macOS Preview, native PDF readers). Note: some third-party tools may bypass this — it's a normal-use protection, not an absolute cryptographic lock.

Prevent text copy: selection and copy-paste are blocked in well-behaved readers. Same caveat, this is not unbreakable against a determined actor.

The only true cryptographic protection is the opening password — without it, the PDF is unreadable.

Privacy and security

The entire operation runs on our servers in France (OVH Gravelines), no US tier. Source PDF and protected PDF are deleted within 1 hour maximum, no result caching. The password is never stored: it's used only to derive the encryption key, then immediately erased from memory after processing. GDPR compliant, DPA available on request.

Frequently asked questions

What happens if I forget the password?

The PDF is unrecoverable. AES-256 encryption leaves no back door. Save the password in a manager (Bitwarden, 1Password, KeePass) before protecting an important document.

Is the password transmitted anywhere?

No. It's used locally on the server to derive the encryption key, then erased from memory. No log, no storage, no third-party transmission.

What password length do you recommend?

At least 12 characters mixing uppercase, lowercase, digits and symbols. A short password (4-6 characters) is still accepted but vulnerable to a brute-force attack within hours.

Can I remove the protection later?

Not via conv2pdf. To strip a password, use the original PDF software or a dedicated tool — only if you know the original password.