BYTETOOLS

AES Text Encrypter

Encrypt text with a password using AES-256-GCM and PBKDF2 in your browser. Get a single Base64 blob with the salt and IV embedded, ready to store or share safely.

  • AES-256 in authenticated GCM mode
  • PBKDF2 key derivation with a random per-message salt
  • Fresh random IV on every encryption
  • Single Base64 output with salt and IV embedded
  • Built on the standard Web Crypto API
  • 100% private β€” text and password stay in your browser

How to use the AES Text Encrypter

  1. 1

    Type or paste the text you want to encrypt.

  2. 2

    Enter a strong password you will remember or store safely.

  3. 3

    Click Encrypt to run AES-256-GCM with a PBKDF2-derived key.

  4. 4

    Copy the Base64 blob, which already includes the salt and IV.

  5. 5

    Share or store it, and decrypt later with the same password.

About the AES Text Encrypter

The ByteTools AES Text Encrypter protects any text with a password using AES-256 in GCM mode, the modern authenticated encryption standard. Your password is stretched into a 256-bit key with PBKDF2 (SHA-256, 200,000 iterations), and a fresh random salt and initialisation vector are generated for every message.

The output is a single Base64 string that bundles the salt, the IV and the ciphertext together, so there is nothing extra to track β€” store it, paste it into a note or send it to a recipient. Anyone with the password and the matching AES Decrypt Text tool can recover the original.

All encryption happens in your browser with the Web Crypto API. Your text and password are never uploaded, and the tool works offline, so your secrets stay on your device. Just remember: if you lose the password, the ciphertext cannot be recovered.

Frequently asked questions

How does password-based AES encryption work here?

Your password is run through PBKDF2 with a random salt to derive a 256-bit AES key. That key encrypts your text with AES-GCM using a random IV. The salt, IV and ciphertext are packed into one Base64 string so decryption has everything it needs.

What does GCM mode add?

AES-GCM is authenticated encryption: alongside confidentiality it produces a tag that detects tampering. If the ciphertext or password is wrong, decryption fails cleanly rather than returning garbage, which is why the decrypter can report a bad password.

Can I decrypt the result anywhere?

Use the matching ByteTools AES Decrypt Text tool with the same password. Both tools share an identical format β€” salt, then IV, then ciphertext, Base64-encoded β€” so the blob produced here decrypts correctly there.

What happens if I forget the password?

There is no recovery. AES-256 with a strong password is designed to be infeasible to break by guessing, which is the point of encryption. If you lose the password the ciphertext is effectively gone, so store it somewhere safe.

Is my text uploaded to encrypt it?

No. Encryption runs in your browser using the Web Crypto API. Your plaintext and password never leave the page, are not logged, and the tool works offline, so it is safe for genuinely sensitive text.

Related tools