Encrypt/Decrypt Text
AES-256-CBC encryption with password
If you're looking to encode or decode in Base64, try our Base64 Encoder / Decoder.
If you're looking to generate hash of any text, try our Hash Generator.
Plain text
Encrypted (Base64)
How it works
Pick Encrypt or Decrypt. Encryption uses AES-256-CBC with a password-derived key and outputs Base64. Decryption reverses the process with the same password. Your text and password are all processed on your device securely; nothing is sent to the server.
About AES-256-CBC
AES (Advanced Encryption Standard) is a symmetric block cipher adopted by the US government in 2001 and now the de facto global standard for encryption. It operates on fixed 128-bit blocks of data and supports key sizes of 128, 192, or 256 bits.
256 refers to the key length in bits. A 256-bit key means 2²⁵⁶ possible keys - a number larger than the estimated atoms in the observable universe. Even with all of humanity's current computing power combined, brute-forcing a 256-bit AES key would take longer than the age of the universe.
CBC (Cipher Block Chaining) is the mode of operation. Each block of plaintext is XORed with the previous ciphertext block before being encrypted, so identical input blocks produce different output. A random initialisation vector (IV) is generated for each encryption, ensuring the same message encrypted twice produces different ciphertext.
Your password is not used directly as the key - it is first processed through a key derivation function (KDF) that stretches and hashes it into a proper 256-bit key, making the result resistant to brute force even if your password is short.
256 refers to the key length in bits. A 256-bit key means 2²⁵⁶ possible keys - a number larger than the estimated atoms in the observable universe. Even with all of humanity's current computing power combined, brute-forcing a 256-bit AES key would take longer than the age of the universe.
CBC (Cipher Block Chaining) is the mode of operation. Each block of plaintext is XORed with the previous ciphertext block before being encrypted, so identical input blocks produce different output. A random initialisation vector (IV) is generated for each encryption, ensuring the same message encrypted twice produces different ciphertext.
Your password is not used directly as the key - it is first processed through a key derivation function (KDF) that stretches and hashes it into a proper 256-bit key, making the result resistant to brute force even if your password is short.
Important
Keep your password safe. If the password is wrong, decryption will fail. There is no way to recover encrypted text without the original password.