A zero-server, browser-native file encryption tool.
FileKrypt is a high-security, browser-based file encryption tool that transforms your local browser into a cryptographic vault. Built on a strict Zero-Server architecture, every cryptographic operation happens entirely on your device using the browser's native Web Crypto API — no installation, no backend, no data leaving your machine.
Activity history is encrypted with a session-bound key that is permanently destroyed when the tab is closed.
You can change your password or generate a recovery key at any time. Keep your recovery key stored safely — it is the only resort if you forget your password.
| Component | Implementation |
|---|---|
| Encryption | AES-256-GCM (Authenticated Encryption) |
| Key Derivation | PBKDF2-SHA256 — 310,000 iterations |
| Entropy Source | Web Crypto API |
No cookies, no analytics, no sign-ups, no external CDN dependencies, and zero network requests of any kind.
Encrypt
- Drop any file into FileKrypt.
- Enter a strong password. A recovery code is auto-generated as a backup.
- FileKrypt encrypts the file and generates an encrypted file and a recovery key.
- Use the customize button to save the recovery key along with the
.encfile. - Download your
.encfile. Key material is immediately zeroed from memory.
Decrypt
- Drop the
.encfile into FileKrypt. - Enter your original password, or paste or upload the recovery code.
- FileKrypt decrypts and restores your original file.
AES-256-GCM encrypts your file securely and ensures it remains safe and unchanged during decryption.
PBKDF2 makes your password significantly harder to crack by running it through 310,000 iterations of hashing before generating the encryption key.
| FileKrypt Protects Against | Simple Explanation |
|---|---|
| No network activity | Your files never leave your device. |
| No server-side breaches | FileKrypt does not store files on any server. |
| Memory cleanup | Sensitive keys are cleared from memory after use. |
| File modification detection | Changed or corrupted encrypted files will fail to decrypt. |
| Password attack resistance | Extra security makes password guessing harder. |
| FileKrypt Does Not Protect Against | Simple Explanation |
|---|---|
| Infected devices | Malware or keyloggers on your device can still steal data. |
| Lost passwords or recovery keys | Encrypted files cannot be recovered without them. |
| Browser or system vulnerabilities | Security issues in the browser or device may still affect protection. |
| Layer | Technology |
|---|---|
| Language | HTML, CSS, JavaScript |
| Encryption | Web Crypto API |
| Storage | sessionStorage (session-bound history key) |
| Hosting | GitHub Pages |
| Dependencies | None |
FileKrypt works best on the latest versions of all modern browsers.
| Browser | Support |
|---|---|
| Chrome / Edge | ✅ Supported |
| Firefox | ✅ Supported |
| Safari | ✅ Supported |
| Opera | ✅ Supported |
| Internet Explorer / Legacy Browsers | ❌ Not supported |
Note: FileKrypt must be served over
https://orlocalhostfor Web Crypto API access. Opening viafile://may be restricted in some browsers.
FileKrypt runs entirely in the browser — no installation, no build step, no dependencies. Access it directly at:
🔗 https://codilosopher.github.io/FileKrypt/
Or run it locally by cloning the GitHub repository:
# Clone the repository
git clone https://github.com/your-username/filekrypt.git
# Open directly in your browser
open filekrypt/index.htmlFileKrypt is a free tool provided without any guarantees or warranties. Since all operations run directly on your device, you are solely responsible for keeping your passwords, recovery codes, and file backups safe. FileKrypt is not liable for any data loss, file corruption, or issues caused by problems on your device or browser. This project was built with the assistance of AI tools to improve encryption accuracy and overall security.
This project is licensed under the MIT License. See LICENSE for details.