Encrypt any file. Right in your browser.
Drop a file, set a passphrase, done. Everything happens inside your browser, so your files and password never touch a server. No account, no catch, free for life.
Recommended: tap the dice to generate a strong passphrase.
The generator draws six random words from the 2048-word BIP39 wordlist, the same list behind crypto wallet seed phrases. That is about 66 bits of entropy: strong enough to shrug off any brute-force attack, yet simple to write down or remember.
Standard protection, plenty for most files. Flip on to make each brute-force guess far costlier. Not recommended for low-RAM devices.
Encrypted
Something went wrong
Want just the tool, without the site around it? Open it at VERNAM.app
Built on XChaCha20-Poly1305 and Argon2id, the same cryptography trusted to protect billions of people every day.
The very same encryption algorithms that secure Signal, WireGuard and 1Password.
How it works |under the hood
No jargon needed to use it. But since it is open source, here is exactly what happens to your file.
You set a passphrase
Pick your own, or generate a strong one. It is the only key, and it never leaves your device.
It becomes a key
Your passphrase is stretched into a 256-bit key with Argon2id, the algorithm built to defeat password cracking.
Your file is sealed
XChaCha20-Poly1305 encrypts the file in chunks and signs each one, so any tampering is detected instantly.
Only you can open it
The result is indistinguishable from random noise. Without the passphrase it cannot be recovered, by anyone.
Open source means
no secrets, no surprises.
Every line is public and open source, free to host yourself, just keep a visible credit linking back to PrivacyTools.io. There is no server to hack, no account to leak, no telemetry, no ads. We could not see your files if we wanted to, and you never have to take our word for it.
Why people use VERNAM
Everything you need. Nothing you don't.
Any file, any size
Documents, photos, archives, backups. Large files stream straight to disk without eating your memory.
Nothing leaves your device
No uploads, no cloud, no servers. Pull the plug on your internet and it still works perfectly.
No account, ever
No sign-up, no email, no tracking. Open the page and start. We collect nothing about you.
Tamper-evident
If even one byte is changed, decryption fails loudly. You always know your file is intact.
Fully open source
Public and free to host yourself, just keep a link back to us. Audit it, fork it, run your own.
Free, no asterisk
No paid tier, no upsell, no features held back. Everything, free, for everyone, forever.
Questions
Good things to know before you start.
Is it really all in my browser?
Yes. The encryption runs locally using WebAssembly. Your file and passphrase are never sent anywhere. You can confirm it by going offline before you encrypt, it still works.
What if I forget my passphrase?
Then the file is gone, and that is the point. There is no backdoor and no recovery. Strong encryption means not even we can help. Use the built-in generator and store it somewhere safe.
What is a .vrn file, and how do I open one?
A .vrn file is a file encrypted by VERNAM. The .vrn extension is our own format (the file starts with the bytes "VRNM"), holding your data sealed with XChaCha20-Poly1305. To open a .vrn file, drop it back into VERNAM here at privacytools.io/encrypt (or on VERNAM.app) and enter the passphrase it was locked with. The tool detects it is encrypted and decrypts it back to the original file, all in your browser. There is no other way to read a .vrn file without the passphrase, by design.
Should I use the passphrase generator?
We recommend it. Tap the dice and it builds a six-word passphrase from the BIP39 wordlist, the same 2048-word list behind crypto wallet seed phrases, chosen with your browser's cryptographic random generator. Six random words is about 66 bits of entropy: far stronger than a typical typed password, and much easier to write down or remember. Nothing is sent anywhere, the words are picked locally. A weak passphrase is the one real way to undermine strong encryption, so this is the safest path.
How is it free forever?
It is a static page with no servers to run and no costs to recover. It is our gift to the privacy community, plain and simple. No ads, no tracking, no paid tier.
Lock your first file
in the next ten seconds.
Encrypt with VERNAM Named after the only cipher
that has never been broken.
In 1917, a Bell Labs engineer named Gilbert Vernam built a machine that combined a message with a random key tape, one character at a time. Feed it a key that is truly random, as long as the message, and never reused, and you get the one-time pad: the only encryption ever mathematically proven unbreakable. Claude Shannon proved it in 1949. No supercomputer cracks it. No quantum computer cracks it. No spy agency cracks it. Over a century later, its record is still perfect.
That one idea, bury your data under a stream of unpredictable key, is the DNA of every modern stream cipher. XChaCha20, the cipher doing the work on this page, is Vernam's invention a hundred years on: a keystream no one can predict, XORed with your file. We can't hand you a literal one-time pad in a browser, but we built on its bloodline. So we named it after the source.
In World War II, Hitler's high command sent its most secret orders with the Lorenz machine, which ran Vernam's own cipher, scrambling every character with a key stream exactly as he had in 1918. Bletchley Park broke it anyway, building Colossus, the world's first programmable digital computer, to do it. The flaw was the key: Lorenz faked randomness with spinning wheels. Feed a Vernam cipher a truly random, one-time key and it has never fallen.