Text Encrypt / Decrypt

AES-encrypt text with a password.

Everything runs locally. Your text and password never leave your browser — nothing is uploaded. There is no password recovery, so if you forget the password the encrypted text cannot be recovered.

Encrypt and decrypt text with a password

This free text encryption tool scrambles your message with AES-256-GCM, one of the strongest and most widely trusted encryption standards. Your password is stretched into a 256-bit key using PBKDF2 with 100,000 iterations of SHA-256, so only someone with the exact password can read the result. It is ideal for protecting private notes, API keys, recovery phrases, and any sensitive text you need to store or send. Everything happens in your browser using the built-in Web Crypto API — no text and no password are ever uploaded.

How to encrypt or decrypt text

  1. Choose Encrypt to protect text, or Decrypt to recover it.
  2. Type or paste your text into the input box.
  3. Enter a strong password — use Show to check what you typed.
  4. Click Process to run the encryption or decryption locally.
  5. Use Copy output to grab the result, then store your password safely.

Why the password matters

The security of your message depends almost entirely on your password. A long, unique passphrase is dramatically harder to guess than a short or common word, so consider generating one with the password generator. Because there is no recovery option, save the password somewhere secure before you close the page — without it, the ciphertext is unrecoverable by design.

Encoding, hashing, and encryption

Encryption is reversible with the right key, which makes it different from hashing. If you only need a one-way fingerprint or checksum of your data rather than something you can decrypt, reach for the hash generator instead. Use encryption when you need to hide text and later read it back, and hashing when you need to verify integrity without ever recovering the original.

Frequently asked questions

How does password-based text encryption work here?

When you encrypt, the tool generates a random 16-byte salt and a random 12-byte initialization vector, then derives a 256-bit key from your password using PBKDF2 with 100,000 rounds of SHA-256. Your text is encrypted with AES-256-GCM, and the result is the Base64 of the salt, IV, and ciphertext joined together. To decrypt, paste that Base64 back in with the same password.

Is my text or password sent to a server?

No. Everything runs locally in your browser using the built-in Web Crypto API. Your text, your password, and the encrypted result never leave your device — nothing is uploaded, logged, or stored. That makes it safe for private notes, keys, and other sensitive strings.

What happens if I forget the password?

There is no password recovery and no backdoor. AES-256-GCM with a PBKDF2-derived key means the only way to decrypt is with the exact password used to encrypt. If you lose or mistype the password, the ciphertext cannot be recovered, so store your password somewhere safe.

Why does decryption fail with valid-looking text?

Decryption fails if the password is wrong, or if the encrypted text was altered, truncated, or copied incompletely. AES-GCM verifies integrity, so even a single changed character causes it to reject the data. Re-copy the full encrypted string and double-check the password, then try again.

How strong is AES-256-GCM?

AES-256-GCM is a modern, authenticated encryption standard trusted for protecting sensitive data. It provides both confidentiality and tamper-detection. The real-world strength depends heavily on your password — a long, unique passphrase is far harder to guess than a short common word.

Can I share encrypted text safely?

You can send the encrypted Base64 over any channel, since it reveals nothing without the password. Share the password separately through a different, trusted channel — never in the same message as the ciphertext.