Password Protect 100+ PDFs at Once (6 Methods, 2 Are Free)

Last updated: March 2026

---

TL;DR: Encrypting PDFs one-by-one burns 15-30 minutes per file. Teams handling hundreds waste 50-100 hours a month on manual protection. The 6 methods below cut that by 85-95%. The fastest free batch method is qpdf (AES-256, command line). The most complete method for business sharing is Peony (free) — bulk upload, one security policy, per-page analytics, dynamic watermarks, screenshot protection, and instant access revocation behind a single link.

I run Peony, a secure document sharing platform. We handle sensitive PDFs daily — investor decks, M&A document sets, legal agreements, financial models — and I have tested every batch protection method that exists. Most teams reach for per-file passwords first because it feels familiar. But after watching founders spend entire afternoons encrypting 50 files one at a time, only to discover they cannot track who opened them or revoke access when a deal falls through, I started documenting what actually works.

Batch PDF password protection means applying encryption (typically AES-128 or AES-256) to multiple PDF files in a single operation, rather than opening and protecting each file individually. The goal is consistent security settings across all files with minimal manual effort.

Here is the honest playbook — 6 methods, tested and ranked by how often I would actually recommend them.

---

Quick Guide

My honest take: Passwords protect files at rest but cannot track who opens them, cannot revoke access after sharing, and cannot prevent forwarding. If your PDFs contain investor materials, legal documents, or client financials — anything where a leak has consequences — Peony handles all of that with identity-bound access, page-level analytics, and instant revocation, starting free.

---

Why batch protection matters

Before diving into methods, here is why this is worth getting right.

Time savings are dramatic. Processing 50 files individually at 15 minutes each takes 12.5 hours. A batch method handles the same set in 10-30 minutes — you save approximately 12 hours per batch.

Manual repetition causes mistakes. The more clicks you make, the likelier you will miss a file, reuse a weak password, or accidentally leave one PDF unprotected. According to Verizon's Data Breach Investigations Report, 68% of breaches involve a non-malicious human element — misdelivery, misconfiguration, or credential misuse. Batch automation removes that vector.

Consistency matters for compliance. When an auditor asks "are all documents in this set protected with the same policy?" you want to answer with a script or a platform — not "I'm pretty sure I got all of them."

But don't confuse encryption with control. A password stops casual access to a file at rest. It does not give you revocation, per-viewer attribution, or guardrails against forwarding once someone has the file and password.

---

Method 1: Peony (Secure Sharing Platform)

Use this when the goal is "make sure only the right people can view these PDFs, and I can see who opened them and cut them off if needed" — not "spray individual passwords into the world."

How to:

1. Create a secure room in Peony for the project (e.g., "Q1 Financials," "Acme Due Diligence," "HR Letters 2026")
2. Bulk upload your PDFs — drag and drop the entire folder. Peony handles 100+ files at once. The AI auto-indexing sorts documents by type automatically
3. Apply one security policy to the entire room:
   • Set a password gate (or use email verification for stronger identity binding)
   • Enable dynamic watermarks (viewer's email/name stamped on every page)
   • Turn on screenshot protection
   • Configure download controls (allow or prevent downloads per link)
   • Set link expiration for time-boxed projects
4. Share a single link — recipients open it in their browser. If files change, replace them behind the same link without re-sharing
5. Monitor and revoke — page-level analytics show who viewed which files, which pages they spent the most time on, and when they returned. Revoke access for an individual, a domain, or the entire room when the project ends

I tested this against encrypting files individually during a fundraising round. I uploaded a 47-file document set and the AI auto-indexing organized everything in about 2 minutes — pitch deck into presentations, SAFEs and convertible notes into legal, bank statements into financials. I did not touch a single folder. On the per-file encryption approach, the same task would have taken me an afternoon plus a spreadsheet to track which password went to which investor.

The analytics difference showed up immediately. When I sent the same investor update through both approaches, the encrypted PDFs gave me nothing — silence. Peony's page-level analytics showed one reviewer spent 11 minutes on the financial projections, skipped the management bios, and re-opened the term sheet section four times. That signal told me exactly which sections to emphasize in the follow-up call.

Pricing: Free tier available ($0, 2 GB). Pro $20/admin/month. Business $40/admin/month for unlimited data rooms. No per-user pricing. Viewers are always free.

Pros:

• Bulk upload with one security policy across all files
• Per-page view analytics — see exactly who viewed what
• Dynamic watermarks deter leaks with viewer attribution
• Screenshot protection blocks unauthorized captures
• Instant access revocation — disable links at any time
• Files update behind the same link — no version chaos
• Recipients view in-browser without downloading or installing anything
• AI auto-indexing organizes uploaded files automatically

Cons:

• Requires internet access for viewing (not offline file encryption)
• Not suitable if counterparty specifically requires encrypted PDF deliverables

Best for: M&A due diligence, fundraising, PE portfolio management, VC deal flow, legal document sharing, client deliverables, and any scenario where you need tracking, revocation, and audit trails — not just encryption.

Example time savings with 50 PDFs: Manual per-file encryption: 50 files x 15 minutes = 12.5 hours Peony bulk upload + policy: under 10 minutes = 12+ hours saved

---

Method 2: Adobe Acrobat Pro — Action Wizard

Adobe Acrobat Pro's Action Wizard is the most approachable GUI method for batch PDF encryption. If your team already has Acrobat licenses, this is the path of least resistance.

How to:

1. Open Adobe Acrobat Pro
2. Go to Tools > Action Wizard > New Action
3. Add the "Encrypt" step (under "Protection")
4. Configure encryption settings:
   • Set encryption to AES-256
   • Enter a user password (required to open) and optionally an owner password (restricts printing/copying)
   • Choose permission levels
5. Click "Add Files" or "Add Folder" — select your entire folder of PDFs
6. Run the action — Acrobat processes all files with the same encryption settings

Encryption: AES-256 (strongest available in PDF specification).

Pros:

• Familiar GUI — no command line required
• AES-256 encryption
• Saves actions as reusable presets for future batches
• Handles complex permission combinations (print, copy, edit, extract, annotate)
• Enterprise-friendly with IT-manageable deployment

Cons:

• $22.99/month (Adobe Acrobat Pro subscription)
• No analytics or tracking after files are shared
• No access revocation once files leave your system
• Slower than CLI tools for very large batches (500+ files)
• Cannot set different passwords per file in a single run (one password for the entire batch)

My take: Acrobat Action Wizard is solid for teams that already pay for the Creative Cloud and need a repeatable, click-through workflow. But paying $276/year purely for batch encryption — when qpdf does the same thing for free — is hard to justify unless you use Acrobat's other features daily.

Best for: Enterprise teams with existing Acrobat licenses who need a GUI workflow and AES-256 encryption.

---

Method 3: qpdf (Command Line)

qpdf is my go-to recommendation for free, fast batch encryption. It is open-source, cross-platform, and supports AES-256 with full control over user and owner passwords.

How to:

1. Install qpdf:

   • Mac: brew install qpdf
   • Windows: Download from qpdf releases
   • Linux: sudo apt install qpdf or sudo yum install qpdf

2. Create an output directory and run the batch loop:

mkdir -p secured
for f in *.pdf; do
  qpdf --encrypt "YourUserPassword" "YourOwnerPassword" 256 \
    --print=none --modify=none --extract=n -- \
    "$f" "secured/$f"
done
echo "Done. Encrypted $(ls secured/*.pdf | wc -l) files."

This sets AES-256 encryption with both user and owner passwords, disables printing, modification, and text extraction.

Encryption: AES-256 (configurable: 40, 128, or 256-bit).

Pros:

• Free, open-source
• AES-256 encryption — same strength as Adobe Acrobat Pro
• Processes hundreds of files in seconds
• Full control over permissions (print, modify, extract, annotate)
• Scriptable for CI/CD pipelines and cron jobs
• Lightweight — no GUI overhead

Cons:

• Requires command-line comfort
• No GUI — some team members may not be able to use it
• Same password for all files in a basic loop (customizable with scripting)
• No tracking, analytics, or revocation after sharing

My take: This is what I recommend to any developer or ops person who asks about batch PDF encryption. It is faster than Acrobat, stronger than most online tools, and costs nothing. The only reason not to use it is if you need a GUI.

Best for: Developers, IT teams, and anyone comfortable with a terminal who needs fast, free, AES-256 batch encryption.

---

Method 4: pdftk (Command Line)

pdftk (PDF Toolkit) is one of the most widely-used PDF command-line tools. It predates qpdf and remains popular in ops playbooks and legacy scripts.

How to:

1. Install pdftk:

   • Mac: brew install pdftk-java
   • Windows: Download from pdflabs.com
   • Linux: sudo apt install pdftk

2. Run the batch loop:

mkdir -p secured
for f in *.pdf; do
  pdftk "$f" output "secured/$f" \
    owner_pw "YourOwnerPassword" \
    user_pw "YourUserPassword" \
    encrypt_128bit
done
echo "Done. Encrypted $(ls secured/*.pdf | wc -l) files."

Encryption: AES-128 (pdftk supports 40-bit and 128-bit; it does not support 256-bit).

Pros:

• Free, widely available
• Simple syntax — easy to learn
• Well-documented with decades of community examples
• Handles permissions (print, copy, modify, annotate, fill forms)
• Available on virtually every Linux distribution

Cons:

• No AES-256 support — limited to 128-bit encryption
• Slower than qpdf for large batches
• The original C++ version is abandoned; the maintained version is pdftk-java
• No tracking, analytics, or revocation

My take: If you are already using pdftk in existing scripts, there is no urgent reason to switch. But for new setups, qpdf is strictly better — AES-256, faster, and actively maintained. I would only choose pdftk for compatibility with legacy workflows.

Best for: Teams with existing pdftk scripts, or environments where qpdf is not available.

---

Method 5: Python Script with pikepdf

For teams that need custom automation — different passwords per client folder, logging to a database, integration with a file management system — Python with pikepdf gives you full programmatic control.

How to:

1. Install pikepdf:

pip install pikepdf

2. Create a batch encryption script:

import pikepdf
from pathlib import Path

input_dir = Path("./pdfs")
output_dir = Path("./secured")
output_dir.mkdir(exist_ok=True)

user_pw = "YourUserPassword"
owner_pw = "YourOwnerPassword"

encrypted = 0
for pdf_file in input_dir.glob("*.pdf"):
    try:
        pdf = pikepdf.open(pdf_file)
        permissions = pikepdf.Permissions(
            extract=False, modify_form=False,
            print_lowres=False, print_highres=False
        )
        pdf.save(
            output_dir / pdf_file.name,
            encryption=pikepdf.Encryption(
                user=user_pw, owner=owner_pw,
                R=6,  # AES-256
                allow=permissions
            )
        )
        encrypted += 1
        print(f"Encrypted: {pdf_file.name}")
    except Exception as e:
        print(f"Failed: {pdf_file.name} - {e}")

print(f"\nDone. Encrypted {encrypted} files to {output_dir}")

Encryption: AES-256 (R=6 in PDF specification).

Pros:

• Free, open-source (pikepdf is built on qpdf's C++ library)
• AES-256 encryption
• Full programmatic control — different passwords per file/folder, logging, error handling
• Integrates with existing Python workflows (Django, Flask, AWS Lambda, cron jobs)
• Can read metadata, modify PDFs, merge files, and encrypt in one pipeline

Cons:

• Requires Python and command-line setup
• More complex than a one-line bash loop for simple batches
• No tracking, analytics, or revocation after sharing

My take: This is the power-user method. I built a script similar to this for a legal team that needed to encrypt different document sets with different passwords per counterparty, log everything to a CSV, and email a summary. A bash loop could not handle that level of customization — Python could. If your needs go beyond "same password for everything," start here.

Best for: Custom automation workflows, per-client password management, integration with existing Python systems, teams that need logging and error handling.

---

Method 6: Mac Automator Quick Action

For non-technical Mac users who want a right-click batch encryption workflow without opening Terminal.

How to:

1. Open Automator (Applications > Automator)
2. Choose Quick Action (or "Service" on older macOS)
3. Set "Workflow receives current" to PDF files in Finder
4. Drag Run Shell Script into the workflow
5. Set Shell to /bin/bash and Pass input as arguments
6. Paste this script:

mkdir -p "$HOME/Desktop/Secured_PDFs"
for f in "$@"; do
  filename=$(basename "$f")
  qpdf --encrypt "YourPassword" "YourPassword" 256 -- "$f" \
    "$HOME/Desktop/Secured_PDFs/$filename"
done
osascript -e 'display notification "PDFs encrypted to Desktop/Secured_PDFs" with title "Batch Encrypt"'

7. Save as "Encrypt Selected PDFs"

Prerequisite: qpdf must be installed (brew install qpdf).

Now you can select multiple PDFs in Finder, right-click, go to Quick Actions, and click "Encrypt Selected PDFs." Encrypted files appear on your Desktop.

Encryption: AES-256 (via qpdf).

Pros:

• Right-click workflow — no Terminal required after initial setup
• AES-256 encryption
• One-time setup, reusable forever
• Desktop notification on completion

Cons:

• Mac only
• Requires initial Homebrew + qpdf installation
• Same password for all files (unless you modify the script to prompt)
• No tracking, analytics, or revocation

Best for: Mac users who want a repeatable, GUI-friendly batch flow without typing commands each time. A good option for team members who are not comfortable with Terminal.

---

Comparison table: all methods side by side

The key difference: Methods 2-6 protect files at rest — they encrypt the PDF so it cannot be opened without the password. But once someone has the file and password, you lose all visibility and control. Peony protects files in motion — identity-gated access, page-level analytics, dynamic watermarks, and instant revocation. For most business sharing scenarios, the second model is what you actually need.

---

Use cases: which method fits your workflow

Due diligence and M&A — Use Peony. You need data rooms with folder hierarchies, per-party access control, NDA gates, page-level analytics to understand reviewer interest, and the ability to revoke access when a deal closes. Encrypting individual PDFs for a 200-document due diligence set is a management nightmare. See our M&A due diligence guide and data room for investors guide.

Fundraising — Use Peony. Founders sharing investor decks need to know which investors actually read the materials, which sections they focused on, and whether they forwarded the deck to analysts. Encrypted PDF attachments give you silence. Peony gives you signal. See securing your pitch deck.

Legal document exchange — Use Peony for ongoing case rooms with tracked access. Use qpdf if opposing counsel specifically requires encrypted PDF deliverables.

Accounting and tax — Use Peony for client portals where tax packages are shared securely with email verification. Use qpdf or Python for one-time batch encryption when shipping files via SFTP or archive.

HR and compliance — Use Peony for distributing policies and handbooks by department with acknowledgment logging. Use Acrobat Action Wizard if HR already has Creative Cloud licenses.

Developer automation — Use Python (pikepdf) for CI/CD pipelines, per-client password management, and integration with document management systems. Use qpdf for simple cron-job batch runs.

---

Batch protection by the numbers

• $4.88 million — average cost of a data breach in 2024, with compromised credentials as the leading cause (IBM Cost of a Data Breach Report)
• 68% — percentage of breaches involving a non-malicious human element: misdelivery, misconfiguration, or credential misuse (Verizon DBIR, 2025)
• 85-95% — time savings from batch protection versus per-file manual encryption
• 15-30 minutes — average time to manually password protect a single PDF (open, encrypt, set permissions, save, record password)
• 12.5 hours — time to manually protect 50 PDFs at 15 minutes each
• under 10 minutes — time to protect the same 50 PDFs via Peony bulk upload or a qpdf batch script

---

Practical tips for batch PDF protection

Use strong, unique passphrases. NIST's digital identity guidelines recommend 16+ character passphrases over short passwords with complex character requirements. "correct-horse-battery-staple" is stronger than "P@ssw0rd!" and easier to communicate over the phone.

Never send the password in the same channel as the files. If you email encrypted PDFs, share the password via phone call, text message, or a different messaging app. This is the single most common mistake I see — the password right there in the same email thread. See secure file sharing best practices.

Standardize your batch workflow. Write a one-page SOP for your team's batch method — whether that is an Acrobat Action Wizard preset, a qpdf shell script, or a Peony room template. When teammates improvise, they make mistakes.

Label outputs clearly. Write encrypted files to a /secured folder and use consistent naming: ClientA_NDA_protected.pdf. Never mix protected and unprotected copies in the same directory.

Close the loop. After a project, deal, or audit, revoke access (Peony) or rotate passwords and archive the encrypted set. Quiet hygiene beats emergency cleanup. See confidential documents guide.

Prefer identity over shared passwords. Named access (email verification, specific-person links) is auditable and revocable. Shared passwords are not. If you can use identity-bound access through Peony instead of a shared password, do it.

---

Bottom line

Batch-protecting PDFs is common and solvable. The right method depends on what you are actually trying to achieve:

• Need free, fast file encryption? → qpdf with AES-256 (Method 3) — processes hundreds of files in seconds
• Need a GUI for non-technical users? → Adobe Acrobat Action Wizard (Method 2) or Mac Automator (Method 6)
• Need custom automation with per-client passwords? → Python with pikepdf (Method 5)
• Need tracking, revocation, watermarks, and audit trails? → Peony (Method 1) — the only method that gives you visibility after sharing

The honest truth: passwords alone are necessary but not sufficient for sensitive documents. They protect files at rest, but the moment you share a password-protected PDF, you lose all control. If your PDFs are investor materials, legal documents, or client financials, the security model you need is identity-bound access with analytics and revocation — and that is what Peony provides, starting free.

Try Peony free — bulk upload your entire PDF folder, apply one security policy to every file, and share a single password-gated link with per-page analytics, dynamic watermarks, and instant access revocation. No per-file encryption needed.

---

FAQ

What is the fastest way to password protect multiple PDFs at once?

The fastest method depends on your goal. If you need to deliver password-encrypted PDF files, use qpdf with a bash loop — it processes hundreds of files in seconds with AES-256 encryption. If your goal is secure sharing with tracking and access control, Peony lets you bulk upload an entire folder and apply one security policy (password gate, email verification, dynamic watermarks, screenshot protection, link expiry) in under 10 minutes — no per-file encryption needed.

Can I batch password protect PDFs for free?

Yes. qpdf (free, open-source) and pdftk (free) both handle batch encryption via command-line loops. Python with the pikepdf library is also free and gives you more control over automation. On Mac, you can build an Automator Quick Action that wraps qpdf for a right-click batch flow. Peony also offers a free tier for secure document sharing with password-gated links, view tracking, and dynamic watermarks — without needing to encrypt files individually.

Is Adobe Acrobat the best tool for batch PDF encryption?

Adobe Acrobat Pro's Action Wizard is the most user-friendly GUI method for batch encryption, but at $22.99/month it is expensive for a single feature. qpdf provides the same AES-256 encryption for free, and is faster for large batches. For secure external sharing, Peony provides password-gated links with per-page analytics, dynamic watermarking, and instant access revocation — capabilities that Acrobat cannot match at any price tier.

What is the difference between a user password and an owner password on a PDF?

A user (open) password encrypts the PDF contents — without it, the file is unreadable. An owner (permissions) password restricts actions like printing, copying, and editing, but can be removed in seconds with widely available free tools. Only the user password provides real security. Both qpdf and pdftk let you set both passwords in batch. For sensitive documents, Peony goes beyond both: identity-bound access ties viewing to verified email addresses, dynamic watermarks deter leaks, and access revocation lets you cut off viewers instantly.

Can I use Python to batch encrypt PDFs?

Yes. The pikepdf library (free, open-source, based on qpdf's C++ library) supports AES-256 encryption with full control over user and owner passwords, permission flags, and output paths. A 15-line Python script can encrypt hundreds of PDFs with logging and error handling. For ongoing document sharing workflows, Peony eliminates the need for per-file encryption entirely — upload once, apply one security policy, and share a single link with full analytics and access control.

Can I revoke access to password-protected PDFs after sending them?

No. Once someone has the PDF file and the password, you cannot revoke their access — the file works forever, offline, on any device. This is a fundamental limitation of file-level password protection, regardless of which tool you used to encrypt. Peony solves this: disable any sharing link at any time, and the recipient can no longer view the document. Combined with link expiry, identity-bound access, and page-level analytics, you get control that password protection alone cannot provide.

Can I track who opens my batch-encrypted PDFs?

No. Password-protected PDF files provide zero visibility after sharing — you cannot see who opened them, when, how long they read, or whether they forwarded the file and password to others. This is true whether you encrypted with Acrobat, qpdf, pdftk, or Python. Peony provides page-level analytics for every document: who viewed, which pages, time spent per page, return visits, and device information — without requiring any file-level encryption.

How do I password protect hundreds of PDFs for a due diligence data room?

For due diligence, encrypting individual PDF files creates a management nightmare — different passwords for different parties, no access revocation when the deal closes, no visibility into reviewer engagement. Peony is purpose-built for this: create a data room, bulk upload your entire document set, and the AI auto-indexing organizes files by category. Apply one security policy with password gates, email verification, dynamic watermarks, and NDA requirements. Share a single link per party, track page-by-page engagement, and revoke access instantly when the deal closes.

Is AES-128 or AES-256 encryption better for PDF password protection?

Both are computationally infeasible to brute-force with a strong password. AES-256 provides a larger key space and is the standard for government and financial use. macOS Preview and Microsoft Word use AES-128; qpdf, pikepdf, LibreOffice, and Adobe Acrobat Pro support AES-256. For practical purposes, password strength matters far more than key length — a 16-character passphrase with AES-128 is more secure than a 6-character password with AES-256. Peony uses AES-256 encryption for all stored documents and adds identity-bound access control on top.

What is the best way to share batch-protected PDFs with external parties?

If you must deliver encrypted files, use qpdf or pdftk for batch encryption and send the password through a separate channel (phone, text, different messaging app) — never in the same email thread. For a more secure approach, use Peony: upload all PDFs to a secure room, apply password protection and email verification at the folder level, and share a single link. Recipients view documents in their browser without downloading. You get per-page analytics, dynamic watermarks, screenshot protection, and instant access revocation — none of which file-level passwords provide.

---

Related Resources

• How to Password Protect PDF Without Adobe (7 Free Methods)
• Password Protect Folders — Complete Guide
• Secure File Sharing Best Practices
• How to Prevent PDF Forwarding
• How to Securely Send Documents via Email
• How to Share Confidential Documents Securely
• Document Security and Data Protection Guide
• Dynamic Watermarking Complete Guide
• Virtual Data Room Cost Guide
• M&A Due Diligence Process — Complete Guide