AES-GCM encryption with a passphrase (Web Crypto).
AES Encrypt / Decrypt secures text with AES-256-GCM using a passphrase, all in your browser via the Web Crypto API. Your passphrase is run through PBKDF2 (SHA-256, 100,000 iterations) to derive the key, and the random salt and IV are packed with the ciphertext into a single Base64 string. Use it to encrypt notes, tokens, or config snippets and decrypt them back later with the same passphrase.
No. Encryption and decryption run entirely in your browser using the Web Crypto API. Neither your text nor your passphrase is uploaded anywhere.
It uses AES-256-GCM for encryption. The key is derived from your passphrase with PBKDF2 using SHA-256 and 100,000 iterations and a random 16-byte salt.
The output is a single Base64 string containing the 16-byte salt, then the 12-byte IV, followed by the AES-GCM ciphertext and authentication tag. Decryption expects this exact layout.
Decryption fails if the passphrase is wrong, the Base64 input is altered or truncated, or the ciphertext was not produced by this tool. AES-GCM verifies integrity, so any tampering causes an error rather than garbled text.
Only if they use the same scheme: AES-256-GCM with PBKDF2-SHA-256 at 100,000 iterations and the salt + IV + ciphertext packed in that order as Base64. Other formats will not decrypt here.