File Encryptor - AES-256 Password Encryption
Encrypt and decrypt any file with a password using AES-256-GCM. Runs entirely in your browser, nothing uploaded.
The file is encrypted entirely in your browser. Nothing is uploaded. Output is a binary.enc file containing the salt, IV, and ciphertext. Very large files are limited by available browser memory.
Encrypt any file with a password using AES-256-GCM, a modern authenticated cipher, and PBKDF2 key derivation with 250,000 SHA-256 iterations. The encrypted output is a binary .enc file containing the random salt, IV, and ciphertext. Decryption recovers the original file by name. All cryptography runs via the native WebCrypto API directly in your browser. No file or password is uploaded or stored.
AES-256-GCM (Advanced Encryption Standard in Galois/Counter Mode) is an authenticated encryption algorithm used by TLS, WireGuard, and most modern secure protocols. Applied to files, it provides two guarantees: confidentiality (no one can read the file without the key) and integrity (any tampering with the encrypted bytes is detected at decryption time, preventing silent corruption or active manipulation).
The key is never derived from the password directly. PBKDF2 (Password-Based Key Derivation Function 2) runs SHA-256 250,000 times, mixing the password with a random 16-byte salt. This costs a fraction of a second for a legitimate user but makes brute-force attacks against a weak password far more expensive. A random 12-byte initialization vector (IV) is generated per encryption so the same file encrypted twice produces a different ciphertext.
The encrypted output is a binary file laid out as salt (16 bytes) followed by IV (12 bytes) followed by ciphertext. No Base64 encoding is applied, so the output stays the same size as the input (plus 44 bytes of overhead). Decryption reads the same structure, re-derives the key from the entered password, and downloads the recovered file using the original filename by stripping the .enc extension.
- 1
Choose a file and enter a password
Select any file using the file picker. Enter a password to protect it. The password is never stored or transmitted.
- 2
Encrypt and download the .enc file
Click Encrypt. A fresh random salt and IV are generated, the key is derived via PBKDF2, and AES-256-GCM encrypts the file bytes. The binary .enc file downloads automatically.
- 3
Decrypt with the same password
Switch to the Decrypt tab, choose the .enc file, enter the original password, and click Decrypt. The recovered file downloads with its original filename.
Protecting sensitive documents before cloud storage
Encrypt a contract, tax return, or private photo before uploading to cloud storage so the provider cannot read the contents.
Securely sharing files over insecure channels
Encrypt a file and send the .enc attachment over email or chat, then share the password through a separate channel such as a phone call.
Archiving private data on shared drives
Store encrypted backups on a USB drive or shared network folder that others can access, without exposing the file contents.
Handing off credentials or keys to colleagues
Pack a key file or credentials document into an encrypted .enc file and hand off the decryption password verbally or in person.
Is my file or password ever sent to a server?
No. Encryption and decryption run entirely in your browser using the built-in WebCrypto API. Your file, password, and encrypted output never leave your device.
What is the .enc file?
A binary file containing three concatenated fields: a 16-byte random salt, a 12-byte random IV, and the AES-256-GCM ciphertext. No Base64 encoding is applied, so it stays close to the original file size. It is not readable without the password.
What happens if I forget the password?
The encrypted file cannot be recovered. AES-256-GCM with a properly derived key has no backdoor. If the password is lost, the contents are unrecoverable. Store passwords in a password manager.
What if I get a decryption error?
A wrong password, a file that was not encrypted by this tool, or a corrupted .enc file all produce a decryption error. AES-GCM's authentication tag detects any of these conditions and rejects the data cleanly.
How large a file can I encrypt?
The file is read entirely into browser memory, so practical limits depend on the available RAM in your browser tab. Files up to a few hundred megabytes work on most devices; multi-gigabyte files may exhaust memory.