AES Encrypt & Decrypt
Encrypt and decrypt text with AES-256-GCM and a password. PBKDF2-SHA256 key derivation, runs entirely in your browser.
Strength:
Working…
How to use
- 1 Pick Encrypt or Decrypt.
- 2 Enter your password — use the strength meter as a rough guide.
- 3 Paste plaintext (encrypt) or Base64 ciphertext (decrypt), then click the action button.
- 4 Copy the output. The password never leaves your browser.
Why use this tool
- AES-256-GCM authenticated encryption — tampering is detected, unlike raw AES-CBC.
- PBKDF2-SHA256 with 100,000 iterations slows offline brute-force attacks on weak passwords.
- Random 16-byte salt and 12-byte IV per encryption — same plaintext + password produces different output every time.
- Pure WebCrypto — runs in your browser, no servers see your password or plaintext.
Frequently asked questions
Does my data leave my browser?
No. The tool uses native WebCrypto. Your password and plaintext never reach our servers.
Why AES-GCM and not CBC?
GCM is authenticated encryption — any tampering with the ciphertext (or IV/salt) is detected on decrypt. CBC is unauthenticated and dangerous to deploy raw without a separate MAC.
Why 100,000 PBKDF2 iterations?
It is the OWASP-recommended baseline for PBKDF2-SHA256. It slows brute-force attempts against weak passwords — but is not a substitute for a strong password. For really sensitive data, use 600,000+ iterations or switch to Argon2.
What is the output format?
Base64 of concatenated salt (16 bytes) || IV (12 bytes) || ciphertext+tag. The decrypt path slices these off and reconstructs the key.
Can I lose data if I forget the password?
Yes. There is no recovery — that is the whole point. Pick something memorable and store it in a password manager.
AES Encrypt & Decrypt is a free developer utility by Zerethon Tools. Encrypt and decrypt text with AES-256-GCM and a password. PBKDF2-SHA256 key derivation, runs entirely in your browser. Runs entirely in the browser — no signup, no upload.
- Category
- Developer
- Pricing
- Free
- Privacy
- Browser-based
- Signup
- Not required
Privacy
Your data never leaves your browser unless explicitly stated. AES Encrypt & Decrypt runs entirely client-side — no server upload, no logging, no tracking of your input.
Related tools
JSON Formatter
Format, validate, and minify JSON online. Free, no signup — your data never leaves your browser.
Open toolSQL Formatter
Format SQL queries online — beautify MySQL, PostgreSQL, SQLite, SQL Server, Oracle, and BigQuery.
Open toolUUID Generator
Generate UUIDs online — v1, v4, v7, and Nil. Bulk generation up to 10,000. Free, no signup.
Open toolPassword Generator
Generate strong, cryptographically random passwords. Configurable length and character sets — runs in your browser.
Open toolBuild, share, and grow on Zerethon Social
Free signup. Earn points, collect achievements, and connect with creators worldwide.