Free Tool

Text Encryptor / Decryptor

Encrypt and decrypt text in your browser using AES-256-GCM, AES-256-CBC, or RSA-OAEP 2048. Password-derived keys via PBKDF2. No data leaves your device.

Key is derived from your password using PBKDF2-SHA256 (310,000 iterations). AES-256-GCM also authenticates the ciphertext — any tampering is detected.

All encryption and decryption runs entirely in your browser using the Web Crypto API — no data is ever sent to any server.

Which algorithm should I use?

AES-256-GCM is the recommended choice for most use cases. It is an authenticated encryption scheme — meaning it both encrypts your data and verifies its integrity, detecting any tampering. AES-256-CBC is a classic choice but lacks built-in authentication. RSA-OAEP is asymmetric — anyone with the public key can encrypt, but only the holder of the private key can decrypt. Use RSA for scenarios like sending a secret to someone without sharing a password.

How are keys derived from passwords?

For AES-GCM and AES-CBC, your password is never used directly as the key. Instead, PBKDF2 with SHA-256 and 310,000 iterations is used to derive a 256-bit key from your password and a random salt. The salt is stored alongside the ciphertext so decryption only requires the password. This means even weak passwords become much harder to brute-force.

Output format

The encrypted output is Base64-encoded and contains the salt, IV (initialisation vector), and ciphertext — everything needed to decrypt it. Simply paste the output back into the Decrypt tab with the same password.

How to use

  1. Choose Encrypt or Decrypt tab.
  2. Select an algorithm — AES-256-GCM is recommended.
  3. For AES algorithms: enter a password. For RSA: generate or paste a keypair.
  4. Paste your text and click Encrypt or Decrypt.
  5. Copy the output.

All encryption runs in your browser using the Web Crypto API — no data is ever sent to any server.

Frequently Asked Questions

What is AES-256-GCM?
AES-256-GCM (Advanced Encryption Standard, 256-bit key, Galois/Counter Mode) is a symmetric authenticated encryption algorithm. It is used by TLS 1.3, Signal, and most modern secure systems. The GCM mode adds an authentication tag that detects any modification to the ciphertext.
What is the difference between AES-GCM and AES-CBC?
Both use the same AES block cipher with a 256-bit key. GCM mode is an AEAD (Authenticated Encryption with Associated Data) scheme — it produces an authentication tag alongside the ciphertext so any tampering is detected during decryption. CBC mode does not authenticate, meaning a modified ciphertext may decrypt without error but produce garbage output.
What is RSA-OAEP?
RSA-OAEP is an asymmetric encryption scheme. You generate a keypair: the public key can be shared openly and used to encrypt messages, but only the private key can decrypt them. OAEP (Optimal Asymmetric Encryption Padding) is the secure padding scheme required for RSA encryption.
Can I decrypt on a different device?
Yes. The output contains all the information needed to decrypt — salt, IV, and ciphertext — encoded as Base64. Copy the output, paste it on another device in the Decrypt tab, enter the same password (or private key for RSA), and it will decrypt correctly.
How strong is the password protection?
PBKDF2 with 310,000 SHA-256 iterations (OWASP 2023 recommendation) is used to derive the key. A random 128-bit salt is generated per encryption, preventing rainbow-table attacks. That said, always use a long, random passphrase — the security of symmetric encryption ultimately depends on the strength of your password.

Related Tools

Hash Generator

Generate MD5, SHA-1, SHA-2, SHA-3, and Argon2 hashes — browser-side, no upload

Bcrypt Generator

Hash and verify passwords using bcrypt with adjustable cost factor

Password Generator

Generate strong random passwords with entropy scoring