Free Text Encryptor — Encrypt & Decrypt Text Online with AES-256
Text encryption is one of the most important tools in modern digital privacy. Whether you need to protect sensitive messages, store confidential notes, or share private information securely, encryption transforms readable text (plaintext) into an unreadable format (ciphertext) that can only be decoded with the correct password. Our free text encryptor uses military-grade AES-256-GCM encryption, the same standard trusted by governments and financial institutions worldwide.
AES (Advanced Encryption Standard) is a symmetric block cipher adopted by the U.S. government in 2001 after an extensive five-year evaluation process. The "256" refers to the key length in bits, providing 2^256 possible key combinations — a number so astronomically large that brute-force attacks are computationally infeasible even with the most powerful supercomputers. GCM (Galois/Counter Mode) adds authenticated encryption, meaning it not only encrypts your data but also verifies its integrity, detecting any tampering or corruption during transmission.
Key derivation is a critical component of password-based encryption. Our tool uses PBKDF2 (Password-Based Key Derivation Function 2) with 100,000 iterations and SHA-256 hashing to transform your password into a cryptographic key. This process, known as key stretching, deliberately slows down key generation to make dictionary attacks and brute-force attempts against weak passwords much more expensive. A random 16-byte salt is generated for each encryption operation, ensuring that identical passwords produce different encryption keys.
The encryption output consists of a random salt (16 bytes), a random initialization vector (12 bytes), and the AES-GCM ciphertext with authentication tag, all concatenated and encoded in Base64 for easy copying and sharing. The IV ensures that encrypting the same plaintext with the same password produces different ciphertext each time, preventing pattern analysis attacks. All cryptographic operations are performed entirely in your browser using the Web Crypto API (SubtleCrypto), meaning your text and password never leave your device.