What encryption algorithm does this use?

AES-256-GCM (Advanced Encryption Standard, 256-bit key, Galois/Counter Mode). The key is derived from your password using PBKDF2 with SHA-256 and 100,000 iterations. A random 16-byte salt and 12-byte IV are generated per encryption and packed into the output.

Is this tool safe for sensitive data?

The algorithm (AES-256-GCM) is used in TLS, VPNs, and password managers. However, security depends entirely on your password strength — a weak password means weak encryption regardless of the cipher. Use a strong, unique password of 16+ characters.

Can I decrypt this with another tool?

Yes — any tool that implements AES-256-GCM with PBKDF2 (SHA-256, 100k iterations) can decrypt the ciphertext. The output format is: base64(salt[16] + IV[12] + ciphertext). Interoperability requires matching these exact parameters.

Does my password leave the browser?

No. The password is used only to derive a key via the browser's built-in Web Crypto API (SubtleCrypto). It is never stored, logged, or transmitted.

Crypto Tools

Text Encryptor — AES-256-GCM Encryption in Your Browser, No Upload

Encrypt any text with a password using AES-256-GCM and PBKDF2 key derivation — the same cipher used by modern VPNs, password managers, and secure messaging apps. Everything runs in your browser via the Web Crypto API. Your text and your password are never transmitted to any server.

How to use this tool

Enter your plaintext and a strong password, then click Encrypt.
Copy the base64-encoded ciphertext — it is safe to store or send publicly.
To recover the original text, paste the ciphertext, enter the same password, and click Decrypt.

Plaintext

Password

AES-256-GCM with PBKDF2 key derivation. Your password never leaves the browser.

Frequently Asked Questions

What encryption algorithm does this use?: AES-256-GCM (Advanced Encryption Standard, 256-bit key, Galois/Counter Mode). The key is derived from your password using PBKDF2 with SHA-256 and 100,000 iterations. A random 16-byte salt and 12-byte IV are generated per encryption and packed into the output.
Is this tool safe for sensitive data?: The algorithm (AES-256-GCM) is used in TLS, VPNs, and password managers. However, security depends entirely on your password strength — a weak password means weak encryption regardless of the cipher. Use a strong, unique password of 16+ characters.
Can I decrypt this with another tool?: Yes — any tool that implements AES-256-GCM with PBKDF2 (SHA-256, 100k iterations) can decrypt the ciphertext. The output format is: base64(salt[16] + IV[12] + ciphertext). Interoperability requires matching these exact parameters.
Does my password leave the browser?: No. The password is used only to derive a key via the browser's built-in Web Crypto API (SubtleCrypto). It is never stored, logged, or transmitted.

guide

How to Encrypt Text in Your Browser Using AES-256 (2026)

Encrypt text with AES-256-GCM and PBKDF2 entirely in your browser. Your plaintext and password never leave your device — verified via DevTools Network tab.

→

More free toolsSee all 109 →

Merge PDFs Compress Image JSON Formatter Password Generator VAT Calculator QR Code Generator