AES Text Encryption
Encrypt any text with a password using AES-256-GCM and PBKDF2 key derivation. Everything runs in your browser — your password and data never leave the device.
How It Works
Choose Encrypt mode, type your message and a password, and click Encrypt to get an authenticated ciphertext as Base64. The tool uses the browser’s Web Crypto API with AES-256 in GCM mode (Galois/Counter Mode), which provides both confidentiality and integrity: any tampering with the ciphertext is detected automatically on decryption.
Your password is stretched into a 256-bit key using PBKDF2-HMAC-SHA256 with a fresh random 16-byte salt and 600,000 iterations by default (matching OWASP’s 2023 recommendation), making brute-force attacks prohibitively expensive. A fresh random 12-byte IV is generated for every encryption so the same plaintext never produces the same ciphertext twice.
The output blob packs a version byte, the iteration count, the salt, the IV, and the ciphertext with GCM authentication tag. That is everything needed to decrypt, without ever exposing your password.
To decrypt, switch mode, paste the Base64 ciphertext, enter the same password, and click Decrypt. If the password is wrong or the ciphertext has been tampered with, AES-GCM will refuse and you will see a single generic error. Nothing is ever uploaded: all encryption, key derivation, and decryption happen entirely in your browser.
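The encrypt and decrypt flow described above, as an added JavaScript example using the Web Crypto API; it is not the tool's own code. The field widths and byte order (1-byte version, 4-byte big-endian iteration count), the version value, the MAX_ITER cap, and binding the header as GCM additional data are assumptions of this example.

```javascript
// Added example. Field widths, byte order, VERSION and MAX_ITER are assumptions.
const wc = globalThis.crypto ?? require("node:crypto").webcrypto; // fallback for older Node
const VERSION = 1, SALT_LEN = 16, IV_LEN = 12, TAG_LEN = 16;
const HEADER_LEN = 1 + 4 + SALT_LEN + IV_LEN; // version | iterations (u32 BE) | salt | IV
const MAX_ITER = 5000000; // cap: the count is read from an untrusted blob

async function deriveKey(password, salt, iterations) {
  const material = await wc.subtle.importKey(
    "raw", new TextEncoder().encode(password), "PBKDF2", false, ["deriveKey"]);
  return wc.subtle.deriveKey(
    { name: "PBKDF2", hash: "SHA-256", salt, iterations },
    material, { name: "AES-GCM", length: 256 }, false, ["encrypt", "decrypt"]);
}

async function encryptText(plaintext, password, iterations = 600000) {
  const header = new Uint8Array(HEADER_LEN);
  header[0] = VERSION;
  new DataView(header.buffer).setUint32(1, iterations); // big-endian by default
  wc.getRandomValues(header.subarray(5));               // fresh salt and IV per message
  const salt = header.subarray(5, 5 + SALT_LEN), iv = header.subarray(5 + SALT_LEN);
  const key = await deriveKey(password, salt, iterations);
  // Header passed as additional data so the version byte is authenticated too.
  const ct = new Uint8Array(await wc.subtle.encrypt(
    { name: "AES-GCM", iv, additionalData: header }, key,
    new TextEncoder().encode(plaintext)));
  const blob = new Uint8Array(HEADER_LEN + ct.length);
  blob.set(header);
  blob.set(ct, HEADER_LEN); // ciphertext with the 16-byte GCM tag appended
  return btoa(String.fromCharCode(...blob));
}

async function decryptText(b64, password) {
  try {
    const blob = Uint8Array.from(atob(b64.trim()), c => c.charCodeAt(0));
    if (blob.length < HEADER_LEN + TAG_LEN || blob[0] !== VERSION) throw new Error("format");
    const iterations = new DataView(blob.buffer).getUint32(1);
    if (iterations < 1 || iterations > MAX_ITER) throw new Error("iterations");
    const header = blob.subarray(0, HEADER_LEN);
    const key = await deriveKey(password, header.subarray(5, 5 + SALT_LEN), iterations);
    const pt = await wc.subtle.decrypt(
      { name: "AES-GCM", iv: header.subarray(5 + SALT_LEN), additionalData: header },
      key, blob.subarray(HEADER_LEN));
    return new TextDecoder().decode(pt);
  } catch {
    throw new Error("Decryption failed"); // one generic error for every failure cause
  }
}
```

Capping the iteration count before key derivation keeps a crafted blob from forcing an arbitrarily long PBKDF2 run, and mapping every failure to one message avoids revealing whether the format, the password, or the tag check failed.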
Use Cases
- Sharing a sensitive note over an untrusted chat or email by sending only the ciphertext and agreeing on a password out-of-band
- Storing personal data like recovery codes or private notes in a cloud file without trusting the provider
- Encrypting a small piece of text before pasting it into a shared document or ticket
- Teaching how authenticated encryption, password-based key derivation, and salts work with a real working example
- Creating self-contained ciphertext blobs for CTF challenges or security training exercises
Frequently Asked Questions
- Is the password stored anywhere?
- No. The password is used only to derive the encryption key, and is never written to storage or transmitted. Closing the tab discards it.
- What happens if I lose the password?
- Decryption is impossible. AES-GCM with PBKDF2 is designed so the only path to plaintext is the correct password — there is no recovery.
- How strong should the password be?
- At least 16 characters with a mix of words, symbols, and digits. PBKDF2 with 600,000 iterations slows brute force, but a weak password is still the weakest link.
- Why is decryption rejecting a valid-looking ciphertext?
- AES-GCM's authentication tag rejects any ciphertext that has been modified by even one byte, including accidental whitespace or line-break changes during copy/paste. Re-copy the original Base64 blob carefully.
- Can I encrypt files?
- This tool encrypts text. For files, the same primitives (AES-256-GCM, PBKDF2-SHA-256) are exposed by command-line tools like age or openssl enc.