Password protection is what makes flipbooks viable for investor decks, HR handbooks and pre-launch catalogs. This tutorial covers the three modes most platforms support — single password, per-recipient passwords and SSO domain-restriction — and explains when to use each.
What you need before you start
- A flipbook tool with password support (FlipHTML5, Heyzine, Flipsnack, Issuu)
- A clear list of who should be able to read the flipbook
- A way to deliver the password (email, intranet, password manager)
The walkthrough
- Decide on the protection mode. Single password: one password for everyone — easiest to manage, hardest to revoke. Per-recipient: each reader gets a unique password — easy to revoke, more setup. SSO: only readers from a specific email domain can request access — most secure, requires admin setup.
- Configure the password in the flipbook tool. Open the protection panel, pick the mode, and either set a single password or upload a CSV of recipient emails. Most tools generate per-recipient passwords automatically.
- Style the locked landing page. By default the locked landing page shows generic text. Replace it with branded copy — your logo, a one-paragraph description of the flipbook, and a contact link in case the reader has trouble accessing it.
- Distribute passwords securely. For single passwords, send via a secure messaging tool, not email. For per-recipient passwords, the platform usually emails them automatically. For SSO, no distribution is needed — readers authenticate with their existing email.
- Plan a rotation schedule. Single passwords should rotate every 90 days. Per-recipient passwords are revoked on demand. SSO is rotated at the identity-provider level.
- Test the access flow. Open the locked URL in an incognito window and walk through the access flow as a real reader would. Most usability bugs surface here.
Worth reading next:
an independent walkthrough of the same workflow on a different platform
from our recommended editorial partners.
Common mistakes to avoid
- Using a single password for documents that need to be revocable — switch to per-recipient
- Sending the password in the same email as the URL — defeats the purpose
- Forgetting to brand the locked landing page — readers assume the link is broken
Once it's published
Most flipbook tools log access attempts in the analytics view. Watch the 'failed access' counter — a spike usually means the password got shared more widely than intended, which may justify rotating to per-recipient passwords.
Compare alternatives:
a recent independent benchmark of flipbook tools
is worth reading if you are still picking a platform.
Other tutorials in this library
- How to turn a PDF into a flipbook with FlipHTML5
- How to turn a PDF into a flipbook with Heyzine
- How to publish a flipbook from Canva (no separate tool needed)
- How to publish a flipbook on Issuu
- How to publish a flipbook for free using Google Slides
- How to publish a flipbook with Flipsnack
- How to embed a flipbook on your website without a developer
- How to add audio narration to a flipbook