Fully local — no data leaves your browser — X25519 · PQ Hybrid · Passphrase — powered by age-encryption
Your browser will prompt you to select a passkey when you click Encrypt.
file:// URL.Your browser will prompt you to select a passkey when you click Decrypt.
file:// URL.Generates a new random age identity (private key) and the corresponding recipient (public key). These are generated locally using the Web Crypto API.
Generates a post-quantum hybrid identity and recipient using ML-KEM-768 + X25519. These keys resist both classical and quantum attacks.
If you have a private key (AGE-SECRET-KEY-1... or AGE-SECRET-KEY-PQ-1...) but need its public recipient.
age (Actually Good Encryption) is a simple, modern file encryption tool designed by Filippo Valsorda. It uses X25519 keys, post-quantum hybrid keys, or passphrases, has a clean format with no config knobs, and is interoperable across all implementations. Files encrypted here can be decrypted with any standards-compliant age CLI or library, and vice versa.
This tool is an independent project and is not affiliated with or endorsed by the age project or Filippo Valsorda. It uses the typage library to implement the age format.
Spec & source: age-encryption.org/v1 · github.com/FiloSottile/age · typage
This is a single self-contained HTML file with no external dependencies. Save this page (Ctrl+S / Cmd+S) and open it from your local filesystem at any time — no internet connection required.
Official source: github.com/FiloSottile/age/releases
Homebrew (recommended):
MacPorts:
Official source: github.com/FiloSottile/age/releases
Debian / Ubuntu:
Fedora / RHEL:
Arch Linux:
Binary download (any distro):
Official source: github.com/FiloSottile/age/releases
Scoop (recommended):
Winget:
Binary download:
Generate a new keypair:
Encrypt to a recipient:
Encrypt to multiple recipients:
Encrypt with a passphrase:
Decrypt with a private key:
Decrypt with a passphrase:
Encrypt with ASCII armor (text output):
PQ Hybrid mode uses ML-KEM-768 + X25519 to provide encryption that resists both classical and quantum computer attacks. Keys start with age1pq1... (public) and AGE-SECRET-KEY-PQ-1... (private).
PQ Hybrid recipients are approximately 1920 characters long. The age spec recommends not mixing PQ and non-PQ recipients in the same encrypted file.
CLI interop (requires age v1.3.0+):
Passkey mode uses a WebAuthn credential (passkey or security key) with the PRF extension to derive encryption keys. This ties encryption to a hardware authenticator without needing to manage key strings.
Requirements: a secure context (HTTPS or localhost), a browser supporting the PRF extension
(Chrome 132+), and macOS 15+ or an equivalent platform. Passkey mode is not available when
opened from a file:// URL or in the Go WASM build.
Identity strings start with AGE-PLUGIN-FIDO2PRF-1... and encode the
credential ID for the authenticator. For security-key type credentials, this string is required
and cannot be regenerated if lost.