My Tools Garage

AES Text Decryptor

Decrypt AES-256-GCM text with your password.

in-browser

How to use

  1. 1 Paste the encrypted Base64 text into the input box.
  2. 2 Enter the password that was used when the text was encrypted.
  3. 3 Click Decrypt to recover the original message.
  4. 4 Copy the decrypted plaintext if you need it elsewhere.

About AES Text Decryptor

The AES Text Decryptor recovers the original message from a Base64 blob that was encrypted with AES-256-GCM and a password.

Paste the encrypted text, type the passphrase that was used to lock it, and the tool re-derives the encryption key and returns your plaintext.

It is the companion to the matching AES text encryptor and reads the same self-describing format.

The encrypted blob carries everything the decryptor needs except your secret: a magic header, a version byte, the PBKDF2 iteration count, the random salt and the random initialisation vector all travel inside it.

That means you only ever have to remember the password.

The key is rebuilt with PBKDF2-SHA256 and AES-GCM verifies an authentication tag during decryption, so a wrong password or even a single altered byte fails cleanly with a clear message rather than producing silent garbage.

Because it uses the browser-native Web Crypto API, no library is loaded and no data leaves your device — the ciphertext and password never touch a network.

That makes it safe for sensitive notes, credentials and private messages, and it keeps working offline once the page has loaded.

Keep your password somewhere safe: without it, authenticated AES-GCM text genuinely cannot be recovered.

FAQ

What format does this decrypt?

It reads AES-256-GCM blobs whose key was derived from a password with PBKDF2-SHA256, with the salt, IV and iteration count embedded — the output of the matching AES text encryptor.

Why does it say the password is wrong or the data was modified?

AES-GCM authenticates the ciphertext. If the password is incorrect, or any byte was changed, the tag check fails and decryption is refused rather than returning corrupt text.

Is my data sent anywhere?

No. Decryption uses the browser Web Crypto API entirely on your device; the ciphertext and password are never uploaded.