AES Encrypt / Decrypt
Type text and a password to encrypt with AES-GCM, or paste ciphertext to decrypt — all using the Web Crypto API in your browser.
Your text and password never leave your browser. AES-256-GCM with PBKDF2 runs entirely via the Web Crypto API.
How to use AES Encrypt / Decrypt
The AES Encrypt / Decrypt tool encrypts text with AES-256-GCM using a password you provide, and decrypts it back. The key is derived from your password using PBKDF2 with 100,000 iterations and a random salt. The output bundles salt, IV, and ciphertext into a single portable Base64 string — all using the native Web Crypto API with no server uploads.
- Select the mode: Encrypt to protect text, or Decrypt to recover it.
- For encryption, paste your plaintext into the input field and enter a strong password.
- Click Encrypt to receive a Base64 ciphertext that embeds the salt and IV.
- Copy and store the ciphertext and remember your password — without it, decryption is impossible.
- To decrypt, switch to Decrypt mode, paste the Base64 ciphertext, enter the same password, and click Decrypt.
Your data never leaves your device — 100% private processing.
AES-256-GCM: authenticated encryption explained
AES-256-GCM (Advanced Encryption Standard, 256-bit key, Galois/Counter Mode) is an authenticated encryption algorithm that simultaneously provides confidentiality and integrity. The GCM tag (16 bytes appended to the ciphertext) allows the decryptor to detect any tampering — if the ciphertext is modified, decryption fails with an authentication error rather than returning corrupt plaintext. This is called AEAD (Authenticated Encryption with Associated Data). GCM is parallelisable and performs very well on modern hardware with AES-NI instructions. AES-256 uses a 256-bit key, requiring 14 rounds of substitution-permutation operations.
| Component | Size | Purpose |
|---|---|---|
| Salt | 16 bytes | Random input to PBKDF2 key derivation — unique per encryption |
| IV (nonce) | 12 bytes | Random initialisation vector for GCM — must never be reused with the same key |
| Ciphertext | Same length as the input | The encrypted message payload |
| GCM Tag | 16 bytes | Authentication tag that verifies integrity on decryption |
Password-based key derivation with PBKDF2
Passwords are low-entropy strings unsuitable for direct use as 256-bit AES keys. PBKDF2 (Password-Based Key Derivation Function 2) stretches a password into a cryptographic key by applying a pseudorandom function (HMAC-SHA256) many thousands of times with a random salt. The iteration count (100,000 in this tool) is deliberately high to slow down brute-force attacks: an attacker guessing passwords must run 100,000 HMAC operations per guess. The salt ensures that two identical passwords produce different keys, defeating rainbow-table attacks. Modern alternatives include Argon2 and bcrypt, which are memory-hard and slower for attackers, but PBKDF2 is available natively in all browsers through the Web Crypto API.
Glossary
- AES-GCM: Advanced Encryption Standard in Galois/Counter Mode — an authenticated encryption algorithm providing both confidentiality and integrity.
- PBKDF2: Password-Based Key Derivation Function 2 — stretches a password into a cryptographic key using many iterations of a hash function.
- IV (nonce): Initialisation Vector — a random value used with the key to ensure that encrypting the same message twice produces different ciphertext.
- Salt: A random value added to a password before hashing or key derivation to prevent rainbow-table attacks and ensure unique outputs.
- AEAD: Authenticated Encryption with Associated Data — encryption that provides both confidentiality and integrity/authenticity in a single operation.
Why use AES Encrypt / Decrypt?
- No installation — use directly from any browser
- Handles large inputs without crashing or timeouts
- Syntax highlighting and formatted output for readability
- Copy to clipboard shortcut for fast workflow integration