Are my files uploaded or stored?

No. All encryption and decryption run locally in your browser using the WebCrypto API. Files are never uploaded or stored on our servers.

What encryption does this tool use?

AES‑256 (CBC) with keys derived via PBKDF2 using SHA‑256 and a random salt. Encrypted downloads use a .enc file extension.

How do I encrypt a file?

Choose Encrypt, enter a strong password or generate one, then drag & drop your file or click to select it. Click Encrypt File to download the .enc file.

How do I decrypt and keep the original extension?

Choose Decrypt, enter the same password, and drop the .enc file. The tool removes trailing .enc/.dec so the original filename and extension are preserved.

File Encryption / Decryption

Use your web browser to encrypt and decrypt files. All processing happens locally in your browser.

Encrypt a File

Enter a strong password (8+ chars), then drop your file below to encrypt it locally in your browser.

Password *

Minimum 8 characters

Password (retype) *

Drag & drop a file here or click to select

Enter password (min 8), confirm it, and select a file to enable.

Decrypt a File

Use the same password that was used to encrypt the file, then drop the encrypted file below to decrypt it locally.

Password *

Drag & drop the encrypted file here or click to select

Enter password and select a file to enable.

How Encryption/Decryption Works

This tool performs all cryptography locally in your browser using the WebCrypto API. Nothing is uploaded to a server.

Key derivation: Your password is converted to a 384‑bit stream via PBKDF2‑SHA256 with a random 8‑byte salt and 10,000 iterations. The first 32 bytes form the AES‑256 key; the next 16 bytes form the IV.
Encryption: The file bytes are encrypted using AES‑256 in CBC mode. The output format is "Salted__" | salt(8) | ciphertext, compatible with many tools.
Decryption: The salt is read from the first 16 bytes (after the "Salted__" header), the same PBKDF2 parameters are applied to rebuild the key/IV, and the ciphertext is decrypted.
File naming: Encrypted downloads use the .enc extension. When decrypting, trailing .dec and .enc are removed to restore the original filename and extension.
Privacy: Keys and file data never leave your device. Closing the tab clears all in‑memory state.

Tip: Use a long, unique password. The built‑in generator creates strong, random passwords with a balanced mix of characters.

Support This Free Tool

Every coffee helps keep the servers running. Every book sale funds the next tool I'm dreaming up. You're not just supporting a site — you're helping me build what developers actually need.

500K+ users

200+ tools

100% private

☕ One-time support Buy me a coffee 📚 Learn & support 9-Book Bundle - $9 Stay updated Follow @anish2good

Privacy Guarantee: Private keys you enter or generate are never stored on our servers. All tools are served over HTTPS.

File Encryption / Decryption

Encrypt a File

Decrypt a File

How Encryption/Decryption Works

Support This Free Tool

Quick Access

PGP Tools

Sharing Services

Security Tools

Cryptography

Network Tools

Legal & Compliance

DevOps/Container

Blockchain

Encoders/Converters

Developer Tools

Machine Learning Visualizers

Media Tools

Documents & PDF

Finance

Health

Lifestyle & Productivity

Chemistry

Math & Education

Physics Tools

Internationalization