What is File Encryptor?

File Encryptor protects any file with AES-256 encryption. Everything runs locally through the Web Crypto API — your files never leave your device and stay completely private.

Encryption uses AES-256-GCM with a key derived from your password through PBKDF2-SHA256. You pick the iteration count (100k to 2.4M) to trade speed for brute-force resistance. The output file starts with a FENC header so the tool can read it back; without the right password, neither this tool nor anything else can recover the contents.

How to use

1. Step 1 — Drop or select the file you want to encrypt and set a strong password.
2. Step 2 — Click Encrypt to process the file using AES-256-GCM with a PBKDF2-derived key.
3. Step 3 — Download the encrypted file. Share it safely — only someone with the password can decrypt it.

When to use

• Sending tax documents, contracts, or passports through email without trusting the inbox.
• Storing a backup of password vaults or recovery codes on cloud storage you don't fully trust.
• Locking sensitive project files before handing a laptop over for repair.

Result

A freelancer encrypts a client contract (NDA.pdf) with the password 'Tr0pic@lSunset2024' before sending it via email. The recipient uses the same tool to decrypt it with the shared password.

FAQ

What happens if I forget the password?

The file is permanently unreadable. AES-256 with 600,000 PBKDF2 iterations is designed so that even nation-state attackers cannot brute-force a strong password in any meaningful time. Write the password down somewhere physical before encrypting anything important.

What is the difference between the iteration presets?

Higher iterations slow down both encryption and any brute-force attack. 100k feels instant but is weak against modern GPUs. 600k is the OWASP-recommended baseline for 2024. 2.4M takes several seconds on a phone but resists serious attacks.

Can someone else decrypt my file in a different tool?

Only if they use a tool that reads the FENC header: 4-byte magic, 1-byte version, 3-byte iteration count, 16-byte salt, 12-byte IV, then AES-GCM ciphertext. Files saved with a password hint use a v3 header that adds a short hint field before the salt. The payload is standard AES-GCM, so a custom script can decrypt it.

Is there a maximum file size I can encrypt?

The encryption itself has no limit, but the whole file must fit in your device's RAM. Phones typically handle up to 1 GB without issues; desktops can go higher. Very large files (over 4 GB) may hit JavaScript engine limits.

Should I trust a free encryptor with sensitive files?

The encryption runs on your device using the standard Web Crypto API built into your operating system. Files never upload anywhere. The page works offline once loaded, so you can disconnect from the network and verify nothing leaves your machine.

Related Tools