Guide · June 15, 2026 · 7 min read
How to share a private, password-protected page with a client
You built something good — a proposal, a project hub, a microsite, a deck — and now you have to send it. That's where most tools quietly fall apart: the link is public to anyone who has it, there's no password, it can get indexed by Google, and you never find out if the client even opened it. Here's the honest, tool-by-tool fix.
Read this first
A browser “password” is not protection
Before the per-tool options: a password that runs in the browser — a JavaScript prompt, a hidden element — is not real protection. Anything the browser needs to show the page is in View Source, password included.
Real protection checks the password before the page is sent, on the server or at the edge. Some of the options below are genuine; some are theatre. The difference is where the check happens. (More on the secure way to do it in our guide to password-protecting a web page.)
Tool by tool
What each tool actually supports
What's native, what's a workaround, and the cleanest path when you just need to send it.
Notion
Notion has no native per-page password. A published Notion page is public to anyone with the link, and pages can end up indexed by Google. Your real options: invite the client by email (they need a Notion account, which most clients hate); use a wrapper like Super.so, Sotion or Potion to host on a custom domain with a real password; or, for a one-off, export to HTML/PDF and put that behind a private link. (Full walkthrough: password-protecting a Notion page.)
Framer
Framer's password protection locks the entire site, not a single page — a gap designers have asked about for years. Options: the site-wide password if locking everything is fine; a page-lock component or FramerAuth for per-page gating (confirm it's a real server check, not a client-side overlay); or, for a single client-review page, a standalone private link with less hassle.
Gamma
On the free plan your deck carries a “Made with Gamma” badge — fine internally, awkward for a client — and the share link is public-by-link with no password. If the deck is a client deliverable, either upgrade to remove the badge, or export it (PDF/PPTX) and deliver the export through a private, tracked link.
Canva
Canva Websites support password protection on the Pro plan. Individual designs, though, are shared by link with an “anyone with the link” setting and no password — so export those and share them privately if they hold client information.
Figma
Figma prototypes share by link, and password-protected sharing is available on paid plans — handy when confidentiality matters. Make a client-only version first: strip internal comments and dev notes before you send.
Google Slides & PowerPoint
Both share by link, but neither password-protects a single presentation for an external viewer. The practical route is to export to PDF and deliver that behind a private link — which also lets you see whether it was opened.
Plain HTML (or anything you built with AI)
If your deliverable is — or can be exported to — HTML (a Claude or ChatGPT
artifact, an exported deck, a hand-built page), this is the cleanest case of all. Host it
behind a link where the password is checked at the edge before the page loads, set it to noindex so it never reaches Google, and you're done. That's exactly what we built Pagelive for: paste or drop the HTML, get a private branded link, add a password
if you want, and the page stays off search engines by default. Free for 10 pages.
The part files can't do
Half the value is knowing they opened it
A file attachment tells you nothing after you hit send. A tracked link tells you whether it was opened, when, and how long they spent — the signal that tells you to follow up today or let it go. Send the link, not the file.
2
opens
4m 12s
read time
3
pages viewed
The short version
So which route do you take?
It lives in the tool long-term
Use that tool's own gate — a Canva Pro website password, Framer's site password, or a Notion wrapper like Super.so. Native, but usually a paid tier.
It's a one-off you just need to send
Export to HTML or PDF and deliver it as a private, password-protected link. Less setup, it stays off Google, and you find out whether the client opened it.
Frequently asked
Can you password-protect a Notion page? +
Not natively — Notion has no per-page password, and a published page is public to anyone with the link. Use a wrapper like Super.so, Sotion or Potion to add a real gate, or export the page and put that behind a private link.
Does Framer support per-page password protection? +
Only site-wide. Framer's built-in password locks the entire site, not a single page — a long-standing, much-requested gap. For one page you need a lock component / FramerAuth, or a standalone private link.
Can you remove the “Made with Gamma” badge before sending a deck? +
Only on a paid plan. On the free tier every shared deck carries the badge and there is no password. For client work, upgrade to remove it, or export the deck (PDF/PPTX) and deliver the export privately.
Does Canva let you password-protect a website? +
Yes — Canva Websites support password protection on the Pro plan. Individual designs are shared by link only (no password), so export those if they need a gate.
How do I share a web page without it showing up on Google? +
Set the page to noindex and don’t publish it to the open web — share a private link instead. A JavaScript “password” won’t help: the page is still fetchable and fully readable in View Source.
How can I tell if a client actually opened the link? +
Send a tracked link instead of a file. A PDF attachment gives you no signal; a tracked link shows whether it was opened, when, and how long they spent. Pagelive does this per-viewer; DocSend and Papermark do the document version.
Related: password-protect a web page · how Pagelive keeps pages private · DocSend alternative
Sending client work you built with AI?
Drop the HTML, get a private branded link with an optional password — off Google by default, and you'll see when the client opens it. Free for 10 pages, no card.