← Back to tools

Text Encryptor

Encrypt and decrypt text with AES-256-GCM. Nothing leaves your browser.

Encrypted output
AES-256-GCM · PBKDF2 key derivation

AES-256-GCM (Advanced Encryption Standard with Galois/Counter Mode) is the gold standard for symmetric encryption. It uses a 256-bit key to both encrypt and decrypt data, and the GCM mode provides authenticated encryption — meaning it detects if the ciphertext has been tampered with.

Your passphrase is converted into a 256-bit encryption key using PBKDF2 (Password-Based Key Derivation Function 2) with 100,000 iterations. This deliberate slowness makes brute-force attacks on weak passphrases much harder. A random salt ensures the same passphrase produces different keys each time.

The output contains three parts concatenated and Base64-encoded: the salt (16 bytes), the initialization vector (12 bytes), and the ciphertext. All three are needed for decryption. Everything runs in your browser using the Web Crypto API — the same cryptographic library used by banks and password managers. No data is ever sent to a server.

This tool in other languages:

Français:
Chiffreur de texte AES-256

Español:
Encriptador de texto AES-256

Deutsch:
Text-Verschlüsselung AES-256

Português:
Criptografador de texto AES-256

日本語:
テキスト暗号化ツール

中文:
文本加密工具 AES-256

한국어:
텍스트 암호화 도구

العربية:
أداة تشفير النصوص AES-256

Frequently asked questions

How do I encrypt text with a password online?

Paste your text, enter a passphrase, and click Encrypt. The tool uses AES-256-GCM (an authenticated encryption standard) via the browser's Web Crypto API. Copy the encrypted output and share the passphrase through a separate channel to whoever needs to decrypt.

What encryption algorithm does this tool use?

AES-256-GCM — the same algorithm used by TLS, disk encryption, and most modern secure applications. The passphrase is converted to a 256-bit key via PBKDF2 with a random salt. GCM mode provides both confidentiality and authentication, so tampering with the ciphertext is detectable.

Is this as secure as end-to-end encrypted messaging?

The cryptography is industry-standard. The weakest link is the passphrase — a short or guessable passphrase breaks everything. Use a long, random passphrase (16+ characters) and share it through a different channel than the ciphertext. For routine communication, use a proper end-to-end app (Signal, iMessage) — they handle key exchange automatically.

How do I decrypt the text on the other end?

The recipient opens this tool, pastes the encrypted output, enters the same passphrase, and clicks Decrypt. If the passphrase is correct and the ciphertext hasn't been tampered with, the original text appears. Wrong passphrase or altered ciphertext results in an error (no partial decryption).

Can someone break this encryption if they get the ciphertext?

Not without the passphrase. AES-256 with a strong passphrase is computationally infeasible to break — even state actors can't brute-force it in any practical time. The attacker's best bet is guessing your passphrase (if it's weak) or getting it from you some other way (phishing, shoulder-surfing).