Tuttilo

AES Encrypt/Decrypt

Encrypt and decrypt text using AES-256-GCM with password-based key derivation.

Related Tools

Base64 Encoder

Encode and decode text and files to Base64

Try now

Password Generator

Generate strong, secure passwords with customizable options

Try now

Hash Generator

Generate SHA-1, SHA-256, SHA-384 and SHA-512 hashes

Try now

UUID Generator

Generate random UUID v4 identifiers

Try now

AES Encrypt/Decrypt β€” Secure Text Encryption Online

AES Encrypt/Decrypt uses AES-256-GCM (Galois/Counter Mode) with PBKDF2 key derivation for secure text encryption and decryption.

Type your plaintext message in the input field and create a strong password in the password field. Click Encrypt to transform your text using AES-256-GCM, a military-grade encryption standard. The tool derives a cryptographic key from your password using PBKDF2 with 100,000 iterations and a random salt. The encrypted output includes the salt, initialization vector, and ciphertext combined into a Base64-encoded string. To decrypt, paste the encrypted string, enter the same password, and click Decrypt. If the password is incorrect or the data is corrupted, decryption fails with an error. All cryptographic operations use the Web Crypto API in your browser.

Users securely share sensitive information like passwords or account details by encrypting the text, sending it through insecure channels like email, and sharing the decryption password separately through a different channel like SMS. Developers test encryption implementations by encrypting test data and verifying their application can decrypt it correctly. Security-conscious individuals encrypt notes containing confidential information before storing them in cloud note-taking apps. IT departments demonstrate encryption concepts during security training by letting employees encrypt and decrypt sample messages.

Choose a strong, unique password for encryption; weak passwords can be brute-forced regardless of AES strength. Never send the encrypted data and password through the same channel; if an attacker intercepts both, encryption is pointless. Save the entire encrypted output string including metadata; losing any part means you cannot decrypt the message. GCM mode provides authenticated encryption, so if someone tampers with the ciphertext, decryption will fail rather than producing garbage output. This tool is suitable for occasional manual encryption, but production applications should use proper key management systems rather than password-derived keys.

All processing happens directly in your browser. Your files never leave your device β€” no server uploads, no cloud storage, no data retention. The tool works offline once loaded, requires no registration, and is completely free with no usage limits.

Frequently Asked Questions

How secure is AES-256?

AES-256 is considered unbreakable by brute force with current technology. It is used by governments and military organizations worldwide.

Can I decrypt on another device?

Yes. Copy the encrypted output and paste it on any device with this tool. Use the same password to decrypt.

What happens if I forget the password?

The data cannot be recovered without the password. There is no backdoor or recovery mechanism.

Is my data sent to a server?

No. All encryption and decryption happens locally in your browser using the Web Crypto API.

What is PBKDF2?

PBKDF2 (Password-Based Key Derivation Function 2) converts your password into a strong encryption key using 100,000 iterations of hashing with a random salt.