Is my text sent to a server?

No. All encryption and decryption runs in your browser using the Web Crypto API (SubtleCrypto). Nothing leaves your device.

Which encryption algorithm is used?

AES-256-GCM with PBKDF2 key derivation (100,000 iterations, SHA-256). This is a modern, authenticated encryption scheme recommended for secure applications.

What happens if I lose my passphrase?

There is no way to recover the encrypted text without the exact passphrase. Store it somewhere safe — this tool does not save or log any passphrases.

What is the output format?

The encrypted output is a Base64 string that encodes the random salt (16 bytes), the random IV (12 bytes), and the ciphertext. This makes it safe to copy, store, or share as plain text.

🔐

Text Encryptor

Encrypt and decrypt text with a passphrase using AES-256-GCM. Everything runs in your browser — nothing is ever uploaded.

Plain text to encrypt Passphrase

Encrypted output AES-256-GCM

Result will appear here…

All operations run in your browser via the Web Crypto API. No data is ever sent to a server. If you lose your passphrase, the text cannot be recovered.

How it works

Choose a mode

Select Encrypt to protect a message, or Decrypt to recover one from an encrypted block.

Enter your text and passphrase

Paste the text you want to encrypt (or the Base64 block you want to decrypt), then type a strong passphrase.

Click Encrypt / Decrypt

The browser derives a 256-bit key from your passphrase using PBKDF2 (100 000 iterations, SHA-256), then encrypts or decrypts using AES-256-GCM.

Copy or download the result

The encrypted output is a Base64 string containing a random salt, IV, and ciphertext — safe to copy, store, or share as text.

Text Encryptor

How it works

Frequently Asked Questions