Text Encryptor - AES-256 Password Encryption
Encrypt and decrypt text with a password using AES-256-GCM and PBKDF2. Runs entirely in your browser.
Encrypt any text message with a password using AES-256-GCM, a modern authenticated cipher, and PBKDF2 key derivation with 250,000 SHA-256 iterations. The result is a portable Base64 string you can store or share. Decryption requires the exact password and the encrypted blob. All cryptography runs via the native WebCrypto API directly in your browser. No data is uploaded, stored, or transmitted.
AES-256-GCM (Advanced Encryption Standard in Galois/Counter Mode) is an authenticated encryption algorithm that provides both confidentiality and integrity. Confidentiality means no one can read the message without the key. Integrity means any tampering with the ciphertext is detected at decryption time, preventing silent corruption or active manipulation.
The key is never derived from the password directly. Instead, PBKDF2 (Password-Based Key Derivation Function 2) is used: it runs the SHA-256 hash function 250,000 times, mixing the password with a random 16-byte salt. This process takes a fraction of a second for a legitimate user, but makes brute-force attacks against a weak password far more expensive. A random 12-byte initialization vector (IV) is generated per encryption so the same message encrypted twice produces a different ciphertext.
The output format concatenates salt (16 bytes) + IV (12 bytes) + ciphertext and Base64-encodes the whole thing into a single string. Decryption slices the salt and IV off the front, re-derives the key from your password, and decrypts. If the password is wrong or the blob is modified, AES-GCM's authentication tag fails and decryption is rejected cleanly.
- 1
Type your message and password
Enter the text to encrypt and a password. The password is never stored. Choose something you can remember or save it in a password manager.
- 2
Encrypt and copy the blob
Click Encrypt. The tool derives a 256-bit AES key from your password via PBKDF2, encrypts the message with a fresh random IV, and produces a Base64 string. Copy it to share or store.
- 3
Decrypt with the same password
Paste the encrypted blob into the Decrypt tab, enter the original password, and click Decrypt. A wrong password or altered blob shows a clear error.
Securely sharing a secret over an insecure channel
Encrypt a PIN, API key, or private note before sending it over email or chat, then share the password through a separate channel.
Storing a sensitive note in plain sight
Keep an encrypted blob in a notes app or cloud document. Without the password, the content is unreadable even if someone gains access to the file.
Protecting credentials for handoff
Encrypt server credentials or account details before handing them off to a colleague, then share the decryption password verbally.
Quick verification of symmetric-key encryption
Test and understand AES-GCM encryption behavior without writing code, useful for developers evaluating WebCrypto APIs.
Is my text or password ever sent to a server?
No. Encryption and decryption run entirely in your browser using the built-in WebCrypto API. Your message, password, and encrypted output never leave your device.
What happens if I forget the password?
The encrypted data cannot be recovered. AES-256-GCM with a properly derived key has no backdoor. If the password is lost, the ciphertext is unrecoverable. Store passwords in a password manager.
How secure is AES-256-GCM?
AES-256-GCM is the encryption standard used by TLS, WireGuard, and most modern secure protocols. With a random IV per message and an authentication tag, it provides both confidentiality and tamper detection. Security depends on the strength of your password.
What does PBKDF2 with 250,000 iterations mean?
PBKDF2 converts your password into a 256-bit cryptographic key by hashing it 250,000 times with a random salt. This adds roughly 0.1-0.3 seconds of intentional delay per attempt, making brute-force attacks against a short password significantly more expensive.
Can I decrypt the output on another device or tool?
Yes, if the other tool uses the same format: AES-256-GCM, PBKDF2 with SHA-256 and 250,000 iterations, and reads the first 16 bytes as the salt and the next 12 bytes as the IV. The format is standard and not proprietary.