Encrypt / Decrypt Text

Encrypt text with a password using AES-256-GCM, and decrypt it back. Real encryption, fully in your browser.

Text to encrypt

About the Encrypt / Decrypt Text

This tool does real encryption, not encoding: AES-256-GCM with a key derived from your password through 310,000 rounds of PBKDF2. The output can only be turned back into the original text by someone who has the password. It is the difference between an envelope and a safe.

Use it to share a secret over a channel you do not fully trust: send the encrypted text over email or chat, and share the password through a different channel (a phone call, in person). Neither channel alone is enough to read the message. It also works for storing small secrets in notes or files where you do not want them readable in plain text.

Everything happens in your browser through the Web Crypto API. The text, the password, and the result never touch a server. The flip side of real encryption: there is no recovery. If the password is lost, the text is gone. Nobody, including this site, can get it back.

Your ad could be here

Reach developers and designers who use these tools every day. Privacy-first, no trackers.

Frequently asked questions

How strong is this encryption?

AES-256-GCM is the standard used for banking, VPNs, and government classified data. The practical weak point is always the password: a short or guessable password can be brute forced regardless of how strong the cipher is. Use a long passphrase.

Can I decrypt this with other tools?

The format is standard (PBKDF2-SHA256 key derivation, AES-256-GCM, with salt and IV prepended to the ciphertext), so it can be decrypted programmatically with the Web Crypto API or any crypto library. The easiest path is simply this tool in decrypt mode.

What happens if I forget the password?

The text is unrecoverable. That is not a limitation, it is the entire point of encryption. There is no back door, no reset, and no way for anyone to help.

Why does encrypting the same text twice give different results?

Each encryption uses a fresh random salt and initialization vector, which is how it should be. Identical messages producing identical ciphertexts would leak information. Both outputs decrypt to the same text with the same password.

Encode & Decode

Base64 Encode / Decode

Convert text to and from Base64 with correct UTF-8 handling and a URL safe option.

Encode & Decode

Hash Generator

Generate SHA-1, SHA-256, SHA-384, and SHA-512 hashes of any text, live as you type.

Encode & Decode

HTML Entity Encoder / Decoder

Escape text for safe use in HTML, or decode entities like & back to readable characters.

Encode & Decode

HMAC Generator

Compute HMAC-SHA256, SHA-1, or SHA-512 signatures from a message and secret key.

Encode & Decode

Image to Base64

Convert an image to a Base64 data URI and back, without uploading the file.

Data & Format

JSON Formatter & Validator

Format, validate, and minify JSON with clear error messages and line numbers.