Why AES-256-GCM Matters
You’ve got an API key sitting in a Slack DM. A database password in a Google Doc. Maybe some credentials you need to send a coworker over email. None of those channels are encrypted end-to-end, and if someone intercepts the message, they’ve got your secrets.
AES-256-GCM fixes that. It’s the same encryption the U.S. government uses for classified information, and it’s what banks rely on to protect wire transfers. The “256” means a 256-bit key — that’s 1.15 x 10^77 possible combinations. Even if every computer on Earth worked together, brute-forcing it would take longer than the universe has existed.
This tool runs the entire encryption process inside your browser using the Web Crypto API. Your plaintext and password never touch a server.
How It Works Under the Hood
When you hit “Encrypt,” three things happen:
- PBKDF2 stretches your password. Your password goes through 100,000 rounds of SHA-256 hashing with a random 128-bit salt. Even a mediocre password like “fluffy2024” is turned into a 256-bit key, and an attacker has to repeat all 100,000 rounds for every guess they make. Because the salt is random for every message, the same password never derives the same key twice, and precomputed tables are useless.
- A random IV gets generated. The initialization vector ensures that encrypting “hello” twice with the same password produces completely different ciphertext, so an attacker can’t spot patterns. GCM’s guarantees depend on never reusing an IV under the same key, which is why a fresh one is drawn for every message.
- GCM mode encrypts and authenticates. Galois/Counter Mode doesn’t just encrypt — it produces an authentication tag. If anyone flips a single bit in the ciphertext, decryption fails outright instead of producing garbage. You’ll know it’s been tampered with.
The output is a Base64 string containing the salt, IV, auth tag, and ciphertext bundled together. Decryption pulls them apart automatically.
Getting Started
Pick Encrypt mode, type your password, paste the text you want to protect, and hit Encrypt. Copy the Base64 output and send it wherever you need to. The recipient pastes the ciphertext, enters the same password, and gets the original text back.
One critical detail: share the password through a different channel than the ciphertext. Send the encrypted message over email, and tell them the password over a phone call. That way, compromising one channel isn’t enough.
If the password’s wrong or the ciphertext’s been modified, decryption won’t produce garbled output — it’ll throw an authentication error. That’s GCM doing its job.
Real-World Scenarios
Say you’re a freelancer and a client needs your SSH private key. Emailing it in plaintext is reckless. Encrypt it here, send the ciphertext, and call them with the password. Done.
Or maybe you keep notes in Notion and some of them contain sensitive client data. Encrypt those sections before saving. Your notes are still in the cloud, but they’re unreadable without your password.
Developers sometimes need to share .env file contents with teammates. Rather than posting STRIPE_SECRET_KEY=sk_live_... in a team chat, encrypt the whole block first.
For situations where you need separate public and private keys — like signing JWTs or setting up TLS — the RSA Key Generator is what you’re looking for instead.
Things You Should Know
There’s no password recovery. If you forget the password, the data’s gone. PBKDF2 is a one-way function. Use a password manager to store encryption passwords, or generate one with the Password Generator.
AES-256 has never been broken in practice. The best known attack against AES-256 reduces the keyspace to 2^254.4 operations — still astronomically infeasible. Your real vulnerability is a weak password, not the algorithm.
Everything stays in your browser. The Web Crypto API handles all the cryptography natively. Disconnect your internet and the tool keeps working. No telemetry, no analytics on your input.
This handles text, not files. If you need to encrypt a document or image, you’d need to Base64-encode it first (which bloats the size by ~33%). For file encryption, a tool like GPG or VeraCrypt is more practical.