AES Encryption
Encrypt and decrypt text with AES-256-GCM and a password. Everything stays in your browser.
🔒 100% in your browser — nothing is uploaded
How it works
Encrypt or decrypt text with AES-256-GCM. Your password is stretched into a key with PBKDF2 (250,000 iterations); the output bundles a random salt and IV so each encryption is unique. Everything happens in your browser via the Web Crypto API — your password and text never leave your device.
Frequently asked questions
How secure is this?
It uses AES-256-GCM (authenticated encryption) with PBKDF2-SHA-256 key derivation — the same primitives browsers and banks rely on. Security still depends on choosing a strong password.
Can you recover my text if I forget the password?
No — and neither can anyone else. There is no backdoor and nothing is stored, so a lost password means the text is unrecoverable.
Does my data get uploaded?
Never. Encryption and decryption run entirely in your browser; no text or password is sent to any server.