Protect PDF
Add a password with real AES-256 encryption — the same qpdf engine used on servers, compiled to WebAssembly and running in your browser. Your file and your password never leave this device.
Protect PDF Tool
Drag & drop here
or click to browse
Genuine AES-256 Encryption, Entirely In Your Browser
Most online “protect PDF” tools ask you to upload the document and type the password on their servers — exactly the two things that should never leave your machine. This tool runs qpdf, the industry-standard open-source PDF transformation engine, compiled to WebAssembly and executing inside your browser. Your PDF is encrypted with 256-bit AES — the modern PDF 2.0 standard — and the password is applied on your own device.
The result opens in any PDF reader (Adobe Reader, Preview, browsers) after entering the password. Everything runs on your device via open-source browser libraries — your file is never uploaded. You can verify it yourself.
Frequently Asked Questions
Real encryption. The document content is encrypted with AES-256 by qpdf, the same engine used in server pipelines worldwide. Without the password the content is cryptographically unreadable — not hidden, encrypted.
There is no recovery, no backdoor, and we never see the password — it exists only in your browser's memory during encryption. Store it in a password manager.
Yes — AES-256 is the standard PDF encryption; Adobe Reader, macOS Preview, Chrome, Firefox, and mobile readers all prompt for the password and open it normally.
Your browser downloads the qpdf WebAssembly engine (about 1.2 MB) on first use. After that it is cached and encryption is nearly instant. Your file itself never travels anywhere.
A strong password is only useful if it travels separately
Password protection encrypts the PDF download. Sending the password in the same email as the file defeats much of that protection.
Create a unique passphrase
Use a long, unpredictable passphrase that is not reused for an account. Record it in a password manager before downloading the protected file. There is no QuickMerge recovery service because the password and document are not stored by QuickMerge.
Test the recipient workflow
Open the exported PDF in a second viewer and confirm it asks for the password. Browser, mobile and older desktop viewers do not all support the same encryption features. Check compatibility before relying on the file for an urgent submission.
Separate confidentiality from authenticity
Encryption limits access; it does not prove who created the document or whether it was changed. Use a digital-signature workflow when authenticity and tamper evidence matter. Once a recipient has opened the PDF, they may still copy, photograph or redistribute its contents.
Security guidance reviewed 11 July 2026 · Editorial policy