Avast Academy Security Passwords Step-by-Step Guide to Password Protect a File or Folder in Windows

Step-by-Step Guide to Password Protect a File or Folder in Windows

Your Windows login password isn’t going to last long against a skilled hacker. Go one step further and secure your files and folders with password locks. Here, learn how to password protect folders and files with strong, hard-to-crack passwords and encryption. Then, find out how to protect your passwords with specialized data leak monitoring software.

Written by Ivan Belcic
Updated on August 12, 2023

Once you set up a Windows password, you’d think everything would be safe and secure, but unfortunately that’s not the case. While a Windows login password offers a basic level of protection to keep your files safe from others who share your computer, risks still abound.

If your laptop is stolen, the thief can boot up your computer from a removable device and access your files. Or, they can remove the hard disk, install it on another computer, and gain access to all of your files and personal data.

Hamburguer menu icon

This Article Contains :

    Use encryption to password protect a folder or a file

    The most straightforward (and least secure) way to encrypt your files is to use Windows’ built-in folder encryption feature. Here’s how to encrypt a file or folder in Windows 11, 10, 8, or 7:

    1. Navigate to the folder or file you want to encrypt.

    2. Right-click the item, click Properties, then click Advanced.

      The Windows Properties menu for a file or folder.
    3. Check Encrypt contents to secure data. Click OK, then click Apply.

      Encrypting a file in the Windows Properties menu.
    4. Windows then asks if you want to encrypt only the file or its parent folder and all the files within that as well. Opt for full-folder encryption to be safe.

    5. A pop-up window will offer you the option to back up the encryption key to ensure you never lose access to the file. If you don’t wish to back up, click Never back up to complete the process. Otherwise, click Back up now (recommended) and follow the remaining steps.

      A prompt to back up one's file encryption and key.

      If this prompt does not appear, hit Win + R on your keyboard. Type “certmgr.msc” and hit enter. Click Personal and double-click Certificates. Find your Windows username; to the right under Intended Purposes, it should say Encrypting File System. Right click, hover over All Tasks, and click Export. Now continue from step 7.

    6. Click Next and Next without changing anything. Make sure it matches the screenshot below.

      Using the Windows certificate export wizard, used to export a file or folder encryption certificate and key.
    7. Check the box next to Password and enter the password you want to use to protect this encryption. Then click Next.

      In the next window of the Certificate export wizard, the box next to "Password" is checked so that a password can be entered.
    8. Set the location of the backup and click Save. Then, click Next to see an overview of the export and Finish to complete the export. Now, when you navigate to the encrypted folder, you’ll see a small yellow lock on the file icon. New content added to that folder will automatically be encrypted as well.

      An encrypted file in Windows

    Windows file encryption protects your files if someone gets their hands on your computer. The encryption is tied to your Windows account, so when you’re logged in, the operating system automatically decrypts your files. But if someone were to log in through another account, the files would be encrypted and they wouldn’t be able to access them.

    But since your files are accessible through your account, if someone gets unauthorized access to your computer while you’re logged in, this encryption is useless. This is where a strong login password can keep you safe.

    Regular Windows encryption will take you only so far, because it’s easy to get around it by gaining access to your user account. There are ways to recover a Windows password, and they can be manipulated. If a cybercriminal manages to hack your account or obtain your password, they’ll have full access to your files. That's why you should aim to prevent hacking in the first place by using antivirus software.

    Keep your data safe with Avast BreachGuard. If your passwords or other personal data are ever leaked online, BreachGuard will warn you ASAP. That way, you can regain control of your accounts before anyone has the chance to log in with your credentials.

    How to password protect an Excel file

    Want to password protect an Excel file that’s full of your financial information? Here’s how to password protect an Excel file using Excel’s in-built encryption:

    1. With Excel open, click File, then Info.

    2. Click Protect Workbook, then Encrypt with Password.

    3. Enter your password and click OK.

    4. Enter your password again and click OK. Make sure it’s something you’ll never forget, or record it somewhere safe.

    How to password protect a PDF file

    If you have a subscription to the paid version of Adobe Acrobat, you can use the app to quickly and easily password protect PDFs with the following steps:

    1. Click Tools. Then click Protect. You may have to click See More first.

    2. Click Encrypt, then Encrypt with Password.

    3. Choose Require a Password to Open the Document and enter your password.

    You can also password protect a PDF file for free on Adobe’s website. But if you’re not comfortable uploading a sensitive PDF to a third-party server to password protect it, you can still lock the file in Windows as outlined above.

    How to password protect a Word document

    Microsoft Word also comes with its own embedded document encryption tool. Here’s how to password protect a Word document:

    1. With the Word document open, click File and Info.

    2. Click the Protect Document button.

    3. Click Encrypt with Password.

    4. Enter your chosen password and click OK.

    It can be helpful to encrypt a Word file from within Word itself for increased protection. Just know that if you share the file with someone, they’ll need the password to open it.

    You can also learn how to password protect a zip file; simply make an archive by highlighting the files you want to zip, right click them all, and click Add to archive… There will be an option to add a password. You can also make it a rar file, and opening that rar file will still require a password.

    Why can’t I password protect a folder?

    If you’re unable to password protect a folder, it’s most likely because you’re using Windows Home. But this obstacle can be bypassed once you know how to password protect a folder using BitLocker — a Windows feature that lets you add a password to a folder by making it a virtual drive.

    Windows Home also doesn’t offer encryption for compressed files, so, if you’re wondering how to password protect a zip file, you’ll need to use third-party encryption software such as WinRAR that lets you encrypt and open RAR files and other compressed file formats.

    Use password protection software

    Unlike Windows’s own file encryption technology, third-party password protection bars access to files and folders regardless of which user account is logged in. These tools offer more security than built-in Windows security features and are highly recommended for sensitive data.

    If you want to know how to lock a folder without moving its location, go with one of these apps.

    How to make a password protected folder in Windows 11 & 10

    Folder Lock is one content protection feature for Windows worth looking at. Folder Lock makes it easy to put a password on a folder, and it can password protect and encrypt files and folders at blazing speeds. The software uses Advanced Encryption Standard (AES) 256-bit keys to keep your data safe — the same level of encryption you’ll find with many powerful VPNs, like Avast SecureLine VPN.

    The Folder Lock file encryption program for Windows 10

    Folder Lock uses a master password to control locked content. You can also create a “Locker,” a secured folder on the drive to house specified content. And you can assign a unique password and configure the maximum disk space for each Locker. Don’t lose or forget this password.

    Folder Lock comes with a powerful file shredder and a cloud-based backup solution as well. The demo is free, while the full-version is $39.95. Knowing how to lock a folder in Windows costs a bit of money, but the functionality and customization makes it worth it. Now you know how to password protect a folder.

    How to make a password protected folder in Windows 8 & 7

    My Lockbox is a lightweight utility with an easy-to-use interface that works for Windows XP, Vista, and Windows 7 — it’s also compatible with Windows 10 and 11. After installation, the tool will ask you to set a location for your locked folder. Great for those who want to know how to lock a folder in their PC with a specific location.

    All locked folders will be hidden on your drive until you unlock them. My Lockbox is free and resource-light, making it an ideal solution for older computers or operating systems.

    Passwords are almost always the weakest link in a security chain. A password strength checker can be of great use here. Online resources like The Password Meter and my1login are good tools.

    While strong password protection will be enough for most users, if you have sensitive data, then more advanced methods such as third-party encryption tools can be used to safeguard data.

    You should know that later versions of Windows are updated and protected more rigorously. Upgrading from Windows 7 to Windows 10 might be a good idea when it comes to PC security.

    Use full encryption software to secure files and folders

    You can also use disk-encryption software for more robust security than just a password. These tools block even the most advanced brute-force attacks, which try to crack passwords and encryption keys using different combinations.

    This kind of full-encryption software adds an extra layer of security by incorporating both password and encryption protection to your files, meaning that the actual contents of files and folders are encrypted and protected by much stronger and more complex decryption keys.


    7-Zip is free, open source software that can be used on any computer, and virtually any Windows system. It is essentially a file archiver that uses high compression and strong AES-256 encryption.

    Your files are compressed and encrypted, so when you go to access them, you simply need to decompress the file first. Yes, it’s an extra step, but a small price to pay for high security. To secure your data with 7-Zip, follow these steps:

    1. Download the latest version of 7-Zip and install it.

    2. In your Windows directory, select 7-Zip File Manager.

      7-Zip File Manager in the Windows directory
    3. From the 7-Zip control panel, select the file or folder you’d like to protect and click the Add button.

      Protecting files in 7-Zip File Manager for Windows
    4. Choose your compression options (see image below).

      1. Enter the name for your encrypted file.

      2. Under the Encryption section, set a strong password for encrypting and decrypting.

      3. We recommend setting your compression level to HIGH and your compression method to AES-256.

      4. Click OK.

        File compression options in 7-Zip File Manager for Windows

    Your file or folder is now compressed, encrypted, and protected. Decompressing is just as simple:

    1. From the 7-Zip control panel, select the file or folder you’d like to open.

    2. Click the Extract button.

      Decompressing a file in 7-Zip File Manager for Windows
    3. In the dialogue box, enter the password. Then click OK.

    4. Your file or folder will decompress and open for you.


    With support for AES, Serpent, and TwoFish keys, VeraCrypt is a free, cross-platform data security tool that can encrypt files very effectively. VeraCrypt comes with full disk encryption but can encrypt at the volume (folder) level as well. Users can decide whether they want specific folders encrypted or entire systems.

    VeraCrypt may seem intimidating, but it’s actually quite simple once you get the hang of it. The software works similarly to the Daemon tools that can create a virtual CD drive on your computer.

    Download the setup file for Windows and install the software, then follow these instructions:

    1. To start, you need to create a volume, which is essentially an encrypted folder to house your data. Click on Create Volume.

      Creating a volume in VeraCrypt for Windows
    2. Select Create an encrypted file container and click Next.

      Creating an encrypted file container in Veracrypt for Windows

      VeraCrypt lets you create a normal, visible container or an invisible one. For our example, we’ll choose Standard VeraCrypt volume, but select whichever option is best for you.

      Selecting a volume visibility configuration in VeraCrypt for Windows
    3. Click Select File and navigate to where you want to store your encrypted container. Click Next.

      Selecting a volume location in VeraCrypt for Windows
    4. Now choose your preferred encryption method. We recommend AES-256, some of the strongest encryption used today. Then click Next.

      Selecting an encryption method in VeraCrypt for Windows
    5. Note how much space you want the encrypted folder to have. 10 MB should be enough, but if you have multimedia files, you may need more space.

      Configuring the encryption folder size in VeraCrypt for Windows
    6. Finally, enter the password you want to use for your volume (folder) and click Next. Make sure your password is strong.

      Setting a file encryption password in VeraCrypt for Windows

    VeraCrypt is now ready to create your container. Remarkably, the tool can use random mouse movements to create your encryption key and encrypt the folder. Move your mouse around a lot because that makes the encryption key stronger — do this until the bar at the bottom reaches the end. Then click Format.

    Using random mouse movements to create an encryption key in VeraCrypt for Windows

    Your first encrypted volume should now be sitting in its designated folder.

    To add files or folders to your encrypted container, follow these steps:

    1. To mount your volume, choose a drive number from any one of the drives available on the VeraCrypt home screen.

    2. Click any of the letters in your highlighted volume name, click Select File, and navigate to the folder where you saved your encrypted container.

      Selecting a volume to mount in VeraCrypt for Windows
    3. Click Open to select the volume.

      Opening a selected volume in VeraCrypt for Windows
    4. Next, click Mount to mount the volume to the selected drive. Enter your password and click OK. Your container is ready.

      Mounting a volume to a selected drive in VeraCrypt for Windows

    Double-click the mounted drive to open another window of the container. You should also see the container in This PC along with your other drives.

    A mounted encrypted drive in VeraCrypt for Windows

    Now, copy the content to your new encrypted “drive,” click dismount to close the folder, and encrypt it again.

    The difference between password protection and encryption

    Password protection is like locking something in a safe, like a highly sensitive document. Encryption is like rearranging all the letters in a document so that they can only be placed back in the correct order if you have a special decoder key.

    With password protection, knowing the password is literally the key. That’s why it’s sometimes referred to as knowledge-based authentication. Once you know how to password protect a folder, anyone who wants to access it must know the password as well. Your passwords can be leaked when a company suffers a security breach.

    If you need a physical key, like an actual key or a special USB drive, to access a secret document, this would be a form of possession-based authentication. If the key were your fingerprint or face, you would be using inherence-based authentication, because you’re using something that is inherent to you and you alone. These factors are important in two-factor authentication.

    Encryption scrambles a document’s data so that it looks like a wall of random characters. To access the document, you need to have a decryption key. Unencrypted documents are stored normally in plaintext, and anyone can read them.

    In the case of file and folder encryption in Windows, the “key” means being logged in to your account as the correct user. Even on the same computer, documents encrypted by one user are unreadable on another user account.

    Password encryption is a third option that combines password protection and encryption. If someone has the right password to unlock the file or folder, they still won’t be able to read it if they’re not logged in as the authorized user.

    Differences between files that are password protected, encrypted, and password encrypted.

    Why password protect files?

    You should password protect files because if you share your computer with others, someone might accidentally delete or modify an important file, or even share a private folder. You might even make the critical error yourself, accidentally sending sensitive information to the wrong person.

    Sharing a computer is not a problem if you add a password to your most sensitive files. Entering a password every time you access that file may slow you down a bit, but the added security is worth it.

    Always use strong passwords. Avast’s free random password generator will instantly create a unique and hard-to-crack password whenever you need one.

    And you can always use Windows to encrypt an entire folder, as described above. Knowing how to password protect a folder and how to encrypt your files is key to making sure your content is locked up tight.

    Managing files and passwords

    Now that you know how to password protect and encrypt your files and folders in Windows, all that’s left is keeping your passwords safe and following good security practices.

    Back up your data

    Consider what might happen if you lost your master password, if your encryption software got corrupted, or if the files themselves got lost. Backing up your data regularly and using a password manager can help ensure that never happens. You can even clone your entire hard drive to an external storage device.

    Some of the tools mentioned above, like Folder Lock, come with their own cloud-based data backup solutions. But you can use Microsoft’s OneDrive or the free Google Drive as well.

    Create strong passwords

    The biggest challenge with strong passwords is remembering them. But you’re setting yourself up for potential data theft if you create one password to use across all of your accounts. The common alternative — creating simple, easy to remember passwords — is just as bad.

    Weak and common passwords are easy to hack using programs that cycle through different key combinations at unfathomable speed. These password cracking techniques are highly advanced. In 2012, hackers created a computer cluster that guesses passwords at a rate of 350 billion per second — and things have only evolved since then.

    That’s why long, unique, and hard-to-guess passwords are one of the best ways to protect your files and devices against hackers.

    Keep your new passwords safe and secure

    Now that you’ve encrypted your files with unique and hard-to-guess passwords, protect all your passwords and accounts with Avast BreachGuard. With 24/7 dark web monitoring, BreachGuard will alert you if your passwords or other personal data are ever leaked, helping you to respond ASAP and stay ahead of anyone looking to compromise your accounts.

    Get comprehensive data and security protection with Avast One


    Get comprehensive data and security protection with Avast One

    Ivan Belcic