Question 1

Is this compatible with `openssl enc -aes-256-cbc`?

Accepted Answer

Yes for the default base64 output. Encrypt here → decrypt with `openssl enc -aes-256-cbc -d -salt -base64 -k YOUR_PASSPHRASE`, and vice versa. Both use the "Salted__" magic header + 8-byte random salt + PBKDF2 key derivation.

Question 2

Why does the same input encrypt to different ciphertexts?

Accepted Answer

Each encryption uses a fresh random 8-byte salt, so the derived key (and thus the ciphertext) is unique. This is a feature — it prevents an attacker from seeing that two ciphertexts came from the same plaintext.

Question 3

Should I use this for production?

Accepted Answer

For sharing a single secret over an untrusted channel, yes. For long-term data at rest or anything where ciphertext can be tampered with in transit, prefer AES-GCM (authenticated encryption) — CBC has no built-in integrity check, so a flipped byte decrypts to garbled plaintext instead of an error.

Question 4

Is the passphrase stored anywhere?

Accepted Answer

No. It lives only in volatile component state. Refresh, close the tab, or navigate away → gone. Nothing is written to localStorage, sessionStorage, IndexedDB, or cookies.

Question 5

How strong is "AES-256-CBC with PBKDF2"?

Accepted Answer

AES-256 is unbroken in any practical sense. The weak link is the passphrase: PBKDF2 default iteration count (10,000 in crypto-js) is sufficient against casual brute-force, but a long random passphrase (≥16 chars) is what actually matters. Pair this with the Password Generator.

AES Encrypt / Decrypt

How to use AES Encrypt / Decrypt

What is AES Encrypt / Decrypt?

Common use cases

FAQ