Drop a file, set a passphrase, done. Everything happens inside your browser, so your files and password never touch a server. No account, no catch, free for life.
Recommended: tap the dice to generate a strong passphrase.
The generator draws six random words from the 2048-word BIP39 wordlist, the same list behind crypto wallet seed phrases. That is about 66 bits of entropy: strong enough to shrug off any brute-force attack, yet simple to write down or remember.
Standard protection, plenty for most files. Flip on to make each brute-force guess far costlier. Not recommended for low-RAM devices.
Built on XChaCha20-Poly1305 and Argon2id, the same cryptography trusted to protect billions of people every day.
The very same encryption algorithms that secure Signal, WireGuard and 1Password.
No jargon needed to use it. But since it is open source, here is exactly what happens to your file.
Pick your own, or generate a strong one. It is the only key, and it never leaves your device.
Your passphrase is stretched into a 256-bit key with Argon2id, the algorithm built to defeat password cracking.
XChaCha20-Poly1305 encrypts the file in chunks and signs each one, so any tampering is detected instantly.
The result is indistinguishable from random noise. Without the passphrase it cannot be recovered, by anyone.
Every line is public and open source, free to host yourself, just keep a visible credit linking back to PrivacyTools.io. There is no server to hack, no account to leak, no telemetry, no ads. We could not see your files if we wanted to, and you never have to take our word for it.
Everything you need. Nothing you don't.
Documents, photos, archives, backups. Large files stream straight to disk without eating your memory.
No uploads, no cloud, no servers. Pull the plug on your internet and it still works perfectly.
No sign-up, no email, no tracking. Open the page and start. We collect nothing about you.
If even one byte is changed, decryption fails loudly. You always know your file is intact.
Public and free to host yourself, just keep a link back to us. Audit it, fork it, run your own.
No paid tier, no upsell, no features held back. Everything, free, for everyone, forever.
Good things to know before you start.
Yes. The encryption runs locally using WebAssembly. Your file and passphrase are never sent anywhere. You can confirm it by going offline before you encrypt, it still works.
Then the file is gone, and that is the point. There is no backdoor and no recovery. Strong encryption means not even we can help. Use the built-in generator and store it somewhere safe.
A .vrn file is a file encrypted by VERNAM. The .vrn extension is our own format (the file starts with the bytes "VRNM"), holding your data sealed with XChaCha20-Poly1305. To open a .vrn file, drop it back into VERNAM here at privacytools.io/encrypt (or on VERNAM.app) and enter the passphrase it was locked with. The tool detects it is encrypted and decrypts it back to the original file, all in your browser. There is no other way to read a .vrn file without the passphrase, by design.
We recommend it. Tap the dice and it builds a six-word passphrase from the BIP39 wordlist, the same 2048-word list behind crypto wallet seed phrases, chosen with your browser's cryptographic random generator. Six random words is about 66 bits of entropy: far stronger than a typical typed password, and much easier to write down or remember. Nothing is sent anywhere, the words are picked locally. A weak passphrase is the one real way to undermine strong encryption, so this is the safest path.
It is a static page with no servers to run and no costs to recover. It is our gift to the privacy community, plain and simple. No ads, no tracking, no paid tier.
Made by PrivacyTools.io. Find better privacy tools, guides, and alternatives there.
Free and open source. Host it yourself, just keep the credit. See the LICENSE and brand kit.