Submit a tool

Encrypt Text

Lock a note or message behind a passphrase with AES-256 encryption. Both encryption and decryption happen in your browser — your text and passphrase never leave your device.

Encrypt text in your browser

This tool lets you turn a private note into scrambled ciphertext that's meaningless without the passphrase. It uses AES-256-GCM, the same authenticated encryption trusted for protecting data at rest, with your passphrase strengthened by PBKDF2 to slow down brute-force attempts. A random salt and nonce are generated for every message, so encrypting the same text twice produces different output.

How to use it

  1. Encrypt: stay on the Encrypt tab, paste your text, enter a passphrase and click Encrypt. Copy the result and store or send it.
  2. Decrypt: switch to the Decrypt tab, paste the encrypted text, enter the same passphrase and click Decrypt to recover the original.
  3. Share safely: send the encrypted text and the passphrase through two different channels so neither alone reveals your message.

Good to know

  • The passphrase is everything. There's no recovery — if you lose it, the text is gone for good.
  • Use a strong passphrase. Length matters most; a memorable string of several random words works well.
  • Tamper-evident. GCM verifies integrity, so altered ciphertext fails to decrypt instead of producing garbage.

Frequently asked questions

How is my text encrypted?

With AES-256-GCM, a modern authenticated cipher. Your passphrase is stretched into a key using PBKDF2 with 200,000 iterations and a random salt, and a fresh random nonce is used every time — all via the browser's Web Crypto API.

Does anything leave my browser?

No. Encryption and decryption run locally in JavaScript. Your text and passphrase are never transmitted, logged or stored anywhere.

What happens if I forget the passphrase?

The text cannot be recovered. There's no backdoor and no reset — the passphrase is the only key. Store it somewhere safe, like a password manager.

How do I share encrypted text with someone?

Copy the encrypted output and send it however you like (email, chat, a file). Share the passphrase separately through a different channel, then they paste both here and choose Decrypt.

Why did decryption fail?

Almost always a wrong passphrase, or the encrypted text was altered or truncated in transit. Because GCM is authenticated, even a single changed character makes it refuse to decrypt rather than return wrong data.