My Tools Garage

AES Text Encryptor

Encrypt and decrypt text with AES-256-GCM.

in-browser

How to use

  1. 1 Choose Encrypt mode and enter your text plus a strong password.
  2. 2 Click Encrypt and copy the Base64 output to share or store.
  3. 3 To read a message, switch to Decrypt and paste the encrypted blob.
  4. 4 Enter the same password used to encrypt it.
  5. 5 Click Decrypt to recover the original text.

About AES Text Encryptor

The AES Text Encryptor turns any message into an unreadable Base64 blob that only someone with the right password can turn back into plain text.

It uses AES-256 in GCM mode, an authenticated encryption scheme, so the output is both confidential and tamper-evident: if a single character of the ciphertext is changed, decryption fails cleanly instead of returning garbage.

Your password is never used directly as a key.

Instead it is stretched into a 256-bit key with PBKDF2-SHA256 over many thousands of iterations, which makes brute-force guessing far slower.

A fresh random salt and initialisation vector are generated for every encryption and embedded in the output, so encrypting the same text twice produces two completely different blobs and identical messages never look alike.

All of this metadata travels inside the Base64 string itself, meaning the recipient only needs the blob and the shared password — there is nothing else to copy or configure.

To use it, pick Encrypt, type your text and a strong password, and copy the result; to read a message, switch to Decrypt, paste the blob, enter the same password and the original text appears.

The whole process relies on the browser's built-in Web Crypto API, so it is fast and standards-based.

Everything happens locally — your text, password and keys never leave the page, are never uploaded, logged or stored — and the tool keeps working offline once loaded.

Remember that the password is the only way back: lose it and the text is gone for good.

FAQ

What encryption does this use?

AES-256 in GCM mode for authenticated encryption, with the key derived from your password using PBKDF2-SHA256. A random salt and IV are generated per message and stored inside the output.

Why does encrypting the same text give different results?

A fresh random salt and initialisation vector are used each time, so identical inputs never produce identical ciphertext. This is a security feature that hides patterns between messages.

What happens if I forget the password?

There is no recovery. The password is the only key, and nothing is stored anywhere, so a forgotten password means the text cannot be decrypted. Keep it somewhere safe.