liminfo

File Encryptor

Free web tool: File Encryptor

Select a file to encrypt

Choose file

Max 100MB / AES-256-GCM Encryption

Information

  • - Uses AES-256-GCM encryption.
  • - Key is derived using PBKDF2 (100,000 iterations).
  • - All processing is done in the browser. No files are sent to the server.
  • - If you lose the password, the file cannot be recovered.

About File Encryptor

The File Encryptor is a browser-based tool that lets you encrypt and decrypt any file using AES-256-GCM, one of the strongest symmetric encryption algorithms available today. You simply select a file, enter a password, and the tool produces a password-protected .encrypted file that only you can open. The entire process runs inside your browser via the Web Crypto API — no file ever touches a server.

Developers, journalists, legal professionals, and anyone who regularly handles sensitive documents use this tool to add a strong layer of protection before sharing files over email, cloud storage, or USB drives. The encryption key is derived from your password using PBKDF2 with SHA-256 and 100,000 iterations, which significantly slows down brute-force attacks even if an attacker obtains the encrypted file.

Technically, the tool generates a random 16-byte salt and a 12-byte IV (initialization vector) for every encryption operation. These values are stored inside the .encrypted file alongside the original filename length, filename bytes, and the AES-GCM ciphertext. Decryption reverses this process: it reads the salt and IV from the file header, re-derives the same key from your password, and uses AES-GCM authenticated decryption to recover the original data — automatically rejecting files tampered with or opened with the wrong password.

Key Features

  • AES-256-GCM encryption — authenticated encryption that detects tampering in addition to providing confidentiality
  • PBKDF2 key derivation with 100,000 SHA-256 iterations to resist brute-force and dictionary attacks
  • Random 16-byte salt per file ensures the same password produces different keys for different files
  • Random 12-byte IV per encryption prevents ciphertext patterns even when encrypting the same file twice
  • Original filename is stored inside the encrypted file and restored automatically on decryption
  • Supports files up to 100 MB via the FileReader and Web Crypto APIs entirely in the browser
  • Zero server contact — all cryptographic operations use the browser's built-in SubtleCrypto interface
  • Dark mode and responsive layout for comfortable use on desktop, tablet, and mobile

Frequently Asked Questions

What encryption algorithm does this tool use?

The tool uses AES-256-GCM (Advanced Encryption Standard, 256-bit key, Galois/Counter Mode). AES-256-GCM provides both confidentiality and integrity: any modification to the encrypted file will cause decryption to fail, alerting you to tampering.

How is the encryption key derived from my password?

Your password is processed by PBKDF2 (Password-Based Key Derivation Function 2) using SHA-256 as the hash function and 100,000 iterations. A random 16-byte salt is generated for each file, so even if two files are encrypted with the same password they will have completely different keys.

What is the .encrypted file format?

The output file stores: 1 byte for original filename length, the original filename bytes, 16 bytes of random salt, 12 bytes of random IV, and then the AES-GCM ciphertext. This self-contained format allows the tool to restore the original filename automatically when you decrypt.

Can I decrypt the file on another device or browser?

Yes. As long as you use this same tool and the correct password, the file can be decrypted on any device or browser that supports the Web Crypto API — which includes all modern browsers (Chrome, Firefox, Safari, Edge).

What happens if I forget my password?

There is no recovery mechanism. AES-256-GCM with PBKDF2 provides no backdoor; if you lose the password, the file cannot be decrypted. Store your password in a password manager before encrypting important files.

Is there a file size limit?

The current implementation supports files up to 100 MB. The entire file is read into browser memory, so very large files may cause performance issues on devices with limited RAM. For very large files, consider splitting them before encrypting.

Does encrypting a file compress it?

No. AES-GCM is an authenticated encryption scheme, not a compression algorithm. The output file will be slightly larger than the input due to the salt, IV, filename metadata, and the 16-byte GCM authentication tag.

Is this tool safe to use for sensitive personal or business data?

Yes. All processing happens locally in your browser through the standard Web Crypto API. No data is ever sent to any server, logged, or stored. However, always keep your password secure and store your files in a safe location after encryption.