AES Encryptor
Encrypt and decrypt text using AES-256-GCM. All operations happen client-side in your browser using the Web Crypto API.
What is AES-256-GCM Encryption?
AES (Advanced Encryption Standard) is the symmetric block cipher chosen by NIST in 2001 after a public competition; it now underpins HTTPS, WireGuard, BitLocker, FileVault, and the security of nearly every mobile device. The 256-bit key length offers an enormous brute-force margin — 2256 possible keys, more than the number of atoms in the observable universe. GCM (Galois/Counter Mode) adds an authentication tag on top of AES, so any tampering with the ciphertext is detected on decryption. Combined with PBKDF2, which stretches a human-memorable password into a 256-bit key through tens of thousands of hash iterations, you get a turnkey envelope for short secrets like notes, recovery codes, or API tokens. Need to read encrypted output? Use the AES Decryptor. Need a one-way fingerprint instead of reversible encryption? Try the Hash Generator.
Client-Side Encryption
All encryption and decryption happens in your browser. No data is sent to any server. Uses AES-256-GCM with PBKDF2 key derivation.
Encrypt
Decrypt
Password
Plaintext
How to use this tool
- 1Type or paste your plaintextEnter the message you want to encrypt. There's no length cap — the tool streams in chunks, so even multi-megabyte text works.
- 2Choose a strong passwordUse a password manager and prefer a passphrase of 4+ random words. PBKDF2 hardens it, but a weak password remains a weak password.
- 3Click Encrypt and save the outputCopy the ciphertext, IV, and salt. Store all three together — losing any one of them makes the data unrecoverable.