How does the encrypted HTML file work?

The image is encrypted with AES-256-GCM and embedded in a self-contained HTML file. Opening it in any browser shows a password prompt — the correct password decrypts and displays the image.

Does this require an internet connection to open?

No — the HTML file is completely self-contained with all decryption code inline. It works offline in any modern browser.

Is the encryption strong?

Yes — AES-256-GCM with PBKDF2 key derivation (100,000 iterations, SHA-256). This is the same encryption used in banking and government systems.

What if someone enters the wrong password?

AES-GCM's authentication tag fails with an incorrect password, showing an "Incorrect password" error. There is no brute-force limit on the HTML file itself, so use a strong password.

🖼️ Image Tool Free · No Upload · No Account

Lock Image with Password for Free

Password-protect an image by encrypting it into a self-contained HTML file using AES-256-GCM. Share the HTML file — the recipient opens it in any browser and enters the password to view the image.

Files never uploaded No account required Unlimited use, free forever WebAssembly-powered

AES-256-GCM encryption

The image is encrypted in your browser and wrapped in a standalone HTML file. Share the HTML file — the recipient enters the password to view the image. No uploads needed.

Drop your file here, or click to browse

JPEG, PNG, WebP, GIF · Encrypted in browser

Or press Ctrl+V to paste

How to Lock Image

Upload your image

Drop your image into the upload area.
Set a password

Enter a strong password. The strength meter guides you.
Download encrypted HTML

Click "Lock & Download" — share the .html file. Recipients open it in a browser and enter the password to view the image.

Features

AES-256-GCM authenticated encryption
PBKDF2 key derivation (100,000 iterations)
Self-contained HTML — works offline
No server involved — 100% client-side
Works in any modern browser
Password strength meter

Frequently Asked Questions

How does the encrypted HTML file work?: The image is encrypted with AES-256-GCM and embedded in a self-contained HTML file. Opening it in any browser shows a password prompt — the correct password decrypts and displays the image.
Does this require an internet connection to open?: No — the HTML file is completely self-contained with all decryption code inline. It works offline in any modern browser.
Is the encryption strong?: Yes — AES-256-GCM with PBKDF2 key derivation (100,000 iterations, SHA-256). This is the same encryption used in banking and government systems.
What if someone enters the wrong password?: AES-GCM's authentication tag fails with an incorrect password, showing an "Incorrect password" error. There is no brute-force limit on the HTML file itself, so use a strong password.