Text Encrypt / Decrypt (AES-GCM)
Encrypt and decrypt text with a password using AES-GCM, all locally in your browser.
Loading Text Encrypt / Decrypt (AES-GCM)… If nothing happens, please enable JavaScript.
This tool encrypts and decrypts text with a password using AES-GCM, the same authenticated encryption standard that protects HTTPS connections, disk volumes, and countless production systems. Unlike Base64 or other encodings, which merely transform data and offer no protection, real encryption makes your message unreadable to anyone who does not know the password. Whether you want to stash a note you can decrypt later, share a secret with a colleague over an insecure channel, or simply understand how modern symmetric encryption works, this tool does the job without ever sending your data anywhere.
Frequently asked questions
Is my text or password ever uploaded?
What encryption does the tool actually use?
Why does encrypting the same text give a different result each time?
What happens if I enter the wrong password?
How strong is the encryption?
Can I decrypt the output on another device or tool?
Is there a length limit on the text?
Does encryption work without an internet connection?
About Text Encrypt / Decrypt (AES-GCM)
The security comes from two well-chosen building blocks. Your password is run through PBKDF2 with SHA-256 and 100,000 iterations against a fresh random 16-byte salt, which turns a human password into a strong 256-bit key while making brute-force attacks far slower. That key then drives AES-GCM with a fresh random 12-byte initialisation vector, an authenticated cipher that both hides the contents and detects any tampering. The output bundles the salt, the IV, and the ciphertext together and encodes the whole thing as Base64, so a single string is all you need to decrypt later, provided you have the password.
Every byte of this process happens inside your browser using the native Web Crypto API, with no external library and no network traffic. Your plaintext and your password never leave your device, are never logged, and are never uploaded. If the password is wrong or the ciphertext has been altered, decryption fails cleanly with an error rather than producing garbage, because AES-GCM verifies integrity as part of decryption. The tool also works entirely offline once the page has loaded.
Why GCM, and why a salt and an IV?
AES has been the U.S. government's approved symmetric cipher since 2001, when it replaced the ageing DES standard after an open international competition. AES on its own only encrypts fixed-size blocks, so it must be combined with a mode of operation. GCM, short for Galois/Counter Mode, is popular because it does two jobs at once: it encrypts the data and produces an authentication tag that detects tampering, all in a single efficient pass.
The salt and the initialisation vector solve two different problems, and confusing them is a classic mistake. The salt is mixed into the password before key derivation so that two people using the same password get different keys, which defeats precomputed rainbow-table attacks. The IV, by contrast, randomises the encryption itself so that encrypting identical plaintext under the same key still yields different ciphertext. Both must be unique per message, but neither is secret, which is why this tool simply stores them alongside the ciphertext.
The single most dangerous error with GCM is reusing an IV with the same key. Doing so can leak relationships between messages and, in the worst case, expose the authentication key entirely. That is exactly why this tool generates a brand-new random IV for every encryption rather than reusing a fixed value, a small detail that makes the difference between textbook-correct encryption and a subtle, exploitable flaw.