AES Text Encrypter
Encrypt text with a password using AES-256-GCM and PBKDF2 in your browser. Get a single Base64 blob with the salt and IV embedded, ready to store or share safely.
- AES-256 in authenticated GCM mode
- PBKDF2 key derivation with a random per-message salt
- Fresh random IV on every encryption
- Single Base64 output with salt and IV embedded
- Built on the standard Web Crypto API
- 100% private β text and password stay in your browser
How to use the AES Text Encrypter
- 1
Type or paste the text you want to encrypt.
- 2
Enter a strong password you will remember or store safely.
- 3
Click Encrypt to run AES-256-GCM with a PBKDF2-derived key.
- 4
Copy the Base64 blob, which already includes the salt and IV.
- 5
Share or store it, and decrypt later with the same password.
About the AES Text Encrypter
The ByteTools AES Text Encrypter protects any text with a password using AES-256 in GCM mode, the modern authenticated encryption standard. Your password is stretched into a 256-bit key with PBKDF2 (SHA-256, 200,000 iterations), and a fresh random salt and initialisation vector are generated for every message.
The output is a single Base64 string that bundles the salt, the IV and the ciphertext together, so there is nothing extra to track β store it, paste it into a note or send it to a recipient. Anyone with the password and the matching AES Decrypt Text tool can recover the original.
All encryption happens in your browser with the Web Crypto API. Your text and password are never uploaded, and the tool works offline, so your secrets stay on your device. Just remember: if you lose the password, the ciphertext cannot be recovered.
Frequently asked questions
How does password-based AES encryption work here?
Your password is run through PBKDF2 with a random salt to derive a 256-bit AES key. That key encrypts your text with AES-GCM using a random IV. The salt, IV and ciphertext are packed into one Base64 string so decryption has everything it needs.
What does GCM mode add?
AES-GCM is authenticated encryption: alongside confidentiality it produces a tag that detects tampering. If the ciphertext or password is wrong, decryption fails cleanly rather than returning garbage, which is why the decrypter can report a bad password.
Can I decrypt the result anywhere?
Use the matching ByteTools AES Decrypt Text tool with the same password. Both tools share an identical format β salt, then IV, then ciphertext, Base64-encoded β so the blob produced here decrypts correctly there.
What happens if I forget the password?
There is no recovery. AES-256 with a strong password is designed to be infeasible to break by guessing, which is the point of encryption. If you lose the password the ciphertext is effectively gone, so store it somewhere safe.
Is my text uploaded to encrypt it?
No. Encryption runs in your browser using the Web Crypto API. Your plaintext and password never leave the page, are not logged, and the tool works offline, so it is safe for genuinely sensitive text.
Related tools
- AES Text DecrypterDecrypt an AES-256-GCM Base64 blob back to plain text with the password used to encrypt itβ¦
- HMAC GeneratorGenerate an HMAC of any message with a secret key using HMAC-SHA1, SHA-256 or SHA-512 via β¦
- Secure Token GeneratorGenerate cryptographically secure random tokens for APIs, sessions and keys. Choose the leβ¦
- SHA-256 Hash GeneratorGenerate SHA-256 hashes of text or files with the browser's Web Crypto API. 64-character hβ¦
- XOR Cipher Encoder & DecoderXOR text against a repeating key and output the result as hex or Base64, then decode hex oβ¦