Online Text Encryptor & Decryptor
Encrypt and decrypt messages using AES-GCM with a passphrase. All cryptography runs in your browser and no data is sent to the server.
Enter a passphrase to see strength
AES-256-GCM
Industry standard authenticated encryption.
100% private
No data leaves your browser.
PBKDF2 key derivation
Passphrase hardened with 100k iterations.
Frequently Asked Questions
AES-256-GCM. It is the same standard used by banks, governments, and most major tech companies. GCM is an authenticated encryption mode, meaning if anyone tampers with the ciphertext the decryption fails loudly rather than quietly returning corrupted output.
No. The key is derived from your passphrase using PBKDF2 with 100,000 iterations and a random salt. Without the passphrase, brute-forcing the key at any realistic computing speed is not feasible for any reasonably complex passphrase.
The data is gone. There is no recovery option. Your passphrase never reaches our servers, so there is nobody to ask for help. Write it down somewhere safe before encrypting anything important.
It works for encrypting short sensitive notes or messages. For managing a large number of passwords, a dedicated password manager like Bitwarden or 1Password is a better fit since it is built specifically for credential storage and has additional safeguards.
No. Both encryption and decryption happen entirely inside your browser using the Web Crypto API. Nothing you type ever leaves your device. You can go offline after the page loads and the tool still works fine.