Frequently asked questions
How secure is this?
It uses AES-256-GCM, a strong, modern, authenticated cipher, with the key derived from your password using PBKDF2 over 250,000 rounds and a fresh random salt and nonce each time. Everything runs in your browser and nothing is uploaded.
What happens if I forget the password?
The message cannot be recovered. There is no backdoor or reset, which is exactly what makes it secure, so store the password safely.
How should I share an encrypted message?
Send the encrypted text and the password through different channels, for example the text by email and the password by a phone call or messaging app, so intercepting one is not enough.
Why does decryption sometimes fail?
Decryption fails if the password is wrong or the encrypted text was altered or cut off. The authenticated cipher detects tampering and refuses rather than returning wrong text.
Is the password sent anywhere?
No. The password never leaves your browser; it is only used locally to derive the encryption key.
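The scheme described in the answers above (AES-256-GCM, a PBKDF2 key with 250,000 rounds, a fresh salt and nonce per message, and refusal on a wrong password or altered text) can be sketched with the browser's Web Crypto API. This is an added example, not this tool's own code. The SHA-256 PBKDF2 hash, the 16-byte salt, the 12-byte nonce, the base64 layout salt || nonce || ciphertext+tag, and the function names are all assumptions.

```javascript
// Added example (not the tool's code). Web Crypto in the browser; Node fallback for CLI runs.
const wc = globalThis.crypto ?? require('node:crypto').webcrypto;
const ROUNDS = 250000;                              // round count stated on the page
const SALT_LEN = 16, NONCE_LEN = 12, TAG_LEN = 16;  // assumed sizes

// Password -> non-extractable AES-256 key. PBKDF2 hash (SHA-256) is an assumption.
async function deriveKey(password, salt) {
  const material = await wc.subtle.importKey(
    'raw', new TextEncoder().encode(password), 'PBKDF2', false, ['deriveKey']);
  return wc.subtle.deriveKey(
    { name: 'PBKDF2', hash: 'SHA-256', salt, iterations: ROUNDS },
    material, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

// Returns base64(salt || nonce || ciphertext+tag); salt and nonce are fresh per call.
async function encryptText(plaintext, password) {
  const salt = wc.getRandomValues(new Uint8Array(SALT_LEN));
  const nonce = wc.getRandomValues(new Uint8Array(NONCE_LEN));
  const key = await deriveKey(password, salt);
  const ct = new Uint8Array(await wc.subtle.encrypt(
    { name: 'AES-GCM', iv: nonce }, key, new TextEncoder().encode(plaintext)));
  const blob = new Uint8Array(SALT_LEN + NONCE_LEN + ct.length);
  blob.set(salt, 0);
  blob.set(nonce, SALT_LEN);
  blob.set(ct, SALT_LEN + NONCE_LEN);
  return btoa(String.fromCharCode(...blob));
}

// Returns the plaintext, or null when the text is malformed, cut off, altered,
// or the password is wrong. It never returns partially decrypted or wrong text.
async function decryptText(encoded, password) {
  let blob;
  try { blob = Uint8Array.from(atob(encoded), c => c.charCodeAt(0)); }
  catch { return null; }                            // not valid base64
  if (blob.length < SALT_LEN + NONCE_LEN + TAG_LEN) return null; // too short to hold a tag
  const salt = blob.subarray(0, SALT_LEN);
  const nonce = blob.subarray(SALT_LEN, SALT_LEN + NONCE_LEN);
  const key = await deriveKey(password, salt);
  try {
    const pt = await wc.subtle.decrypt(
      { name: 'AES-GCM', iv: nonce }, key, blob.subarray(SALT_LEN + NONCE_LEN));
    return new TextDecoder().decode(pt);
  } catch { return null; }                          // GCM tag check failed
}
```

Because the salt and nonce travel inside the encrypted text, the password is the only secret the recipient needs; a wrong password and a modified message fail in the same way, at the tag check.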