Jasypt Encrypt / Decrypt

Encrypt and decrypt values using Jasypt PBEWithMD5AndDES. Compatible with Spring Boot ENC(...) property encryption.

100% client-side — your secrets never leave your browser. Fully compatible with Spring Boot Jasypt.

Plaintext Value

Secret Key (Password)

Iterations (Key Derivation)

Default: 1000 (matches Jasypt BasicTextEncryptor)

Client-Side Only

All encryption and decryption happens in your browser. Your secrets and passwords never leave your machine.

Spring Boot Compatible

Output is compatible with Java Jasypt BasicTextEncryptor and Spring Boot jasypt-spring-boot library.

Usage in application.yml

Wrap your encrypted value with ENC(...) in your Spring Boot config:

spring:
  datasource:
    password: ENC(your_encrypted_value_here)

Set the decryption key via environment variable: JASYPT_ENCRYPTOR_PASSWORD=your_secret_key

About Jasypt Encryption

What is Jasypt?

Jasypt (Java Simplified Encryption) is a Java library that provides easy-to-use encryption for developers. It is best known for its integration with Spring Boot, where it allows encrypting sensitive property values (database passwords, API keys) directly in configuration files like application.yml or application.properties.

Why We Built This Tool

Developers using Spring Boot with jasypt-spring-boot frequently need to encrypt values to put in their config files, or decrypt existing values for debugging. Setting up a separate Java environment just to run Jasypt's CLI tool is cumbersome. This browser-based tool provides instant encrypt/decrypt capability with zero setup.

How to Use It

Select Encrypt or Decrypt mode, paste your value, enter the same secret key used in your application, and optionally adjust the iteration count (default 1000). The tool uses the PBEWithMD5AndDES algorithm with PBKDF1 key derivation, matching Jasypt's BasicTextEncryptor. For encryption, the output includes both the Spring Boot ENC(...) format and the raw base64 value.

Spring Boot Integration

To use Jasypt in Spring Boot, add the jasypt-spring-boot-starter dependency and set the encryption password via the environment variable JASYPT_ENCRYPTOR_PASSWORD. Wrap encrypted values with ENC(...) in your config files. Spring Boot will automatically decrypt them at runtime using the configured password.

Security Considerations

PBEWithMD5AndDES is a legacy algorithm. For new projects, consider using stronger algorithms like PBEWithHMACSHA512AndAES_256 via Jasypt's StandardPBEStringEncryptor. Never commit the encryption password to version control — always pass it as an environment variable or via a secrets manager. This tool runs entirely in your browser; your keys and values are never transmitted.