← Back to App

Independent Decryption Guide

Your data is encrypted with open, standard algorithms that any computer can decrypt — without needing this app. This guide walks you through it step by step, even if you have never used a command-line tool before.

Estimated time: 5 – 10 minutes.

Before you start, you will need two things:

Windows — PowerShell 7

We will use PowerShell 7, a free command-line tool from Microsoft. It has everything needed built in — no extra downloads beyond PowerShell itself.

1

Install PowerShell 7

The easiest way is through the Microsoft Store — it takes about two minutes:

  1. Click the Start button (Windows logo in the bottom-left corner).
  2. Open the Microsoft Store (search for it if you can't find it).
  3. In the search bar at the top of the Store, type PowerShell and press Enter.
  4. Click the result that says PowerShell with "Microsoft Corporation" listed as the publisher.
  5. Click Get (or Install) and wait for it to finish.
Alternative — direct download: If you prefer not to use the Store, visit the official Microsoft installation guide at
learn.microsoft.com — Installing PowerShell on Windows
Download the file ending in -win-x64.msi and run it, clicking Next on each screen.
2

Open PowerShell 7

  1. Click the Start button.
  2. Type PowerShell 7.
  3. Click PowerShell 7 in the results. (It may also be listed as pwsh.)
  4. A dark window with a blinking cursor appears — this is your terminal. It will show something like PS C:\Users\YourName>.
Make sure you open "PowerShell 7", not "Windows PowerShell" — the older one (version 5) will not work. PowerShell 7 usually has a black icon; the old one has a blue icon.
To paste text into PowerShell, right-click anywhere in the window. You can also press Ctrl+V.
3

Save your encrypted text to a file

Copy the command below into PowerShell. Then replace everything between the two quote marks with your actual encrypted text — delete the placeholder text entirely and paste yours in its place.

"PASTE_YOUR_FULL_ENCRYPTED_TEXT_HERE" | Set-Content "$HOME\secret.txt" -Encoding utf8

Press Enter. This saves your encrypted text as a file called secret.txt in your home folder (C:\Users\YourName\).

Make sure the entire encrypted string is inside the quote marks with nothing cut off — it may be very long.
4

Edit and run the decryption script

Copy the entire script below. Before you paste it into PowerShell:

  • Find the line that says 'YOUR_PASSWORD_HERE'
  • Replace that text with your actual password — keep the single quote marks around it

Then paste the whole thing into PowerShell (right-click to paste) and press Enter.

$password = 'YOUR_PASSWORD_HERE'

$bytes      = [Convert]::FromBase64String((Get-Content "$HOME\secret.txt" -Raw).Trim())
[byte[]]$salt       = $bytes[0..15]
[byte[]]$iv         = $bytes[16..27]
[byte[]]$ciphertext = $bytes[28..($bytes.Length - 17)]
[byte[]]$tag        = $bytes[($bytes.Length - 16)..($bytes.Length - 1)]

$pbkdf2 = [System.Security.Cryptography.Rfc2898DeriveBytes]::new(
    [System.Text.Encoding]::UTF8.GetBytes($password),
    $salt, 100000,
    [System.Security.Cryptography.HashAlgorithmName]::SHA256)
[byte[]]$key = $pbkdf2.GetBytes(32)
$pbkdf2.Dispose()

$aesGcm    = [System.Security.Cryptography.AesGcm]::new([byte[]]$key)
$plaintext = New-Object byte[] $ciphertext.Length
$aesGcm.Decrypt($iv, $ciphertext, $tag, $plaintext)
$aesGcm.Dispose()

Write-Host ([System.Text.Encoding]::UTF8.GetString($plaintext))
Password contains a single quote '? Write it as two single quotes: '' inside the script. Example: if your password is it's, write 'it''s'.
Password contains a dollar sign $? Single quotes protect it — no changes needed.
5

See your result

After a second or two your decrypted message will appear in the terminal window. You can select and copy it just like normal text.

Troubleshooting

❌ "AuthenticationTagMismatch" or "Decryption failed"
The password is wrong. Check for typos, missing capital letters, or extra spaces. Edit the $password line and run the script again.
❌ "Cannot find path … secret.txt" or "FileNotFoundError"
The file was not saved. Repeat Step 3 and make sure your full encrypted text is inside the quotes.
❌ Error mentions "AesGcm" and "overload"
Your PowerShell 7 version may be very old. Uninstall it and reinstall from the Microsoft Store to get the latest version.
❌ Nothing happens, or you see a different error
Make sure you opened PowerShell 7 (not the old blue Windows PowerShell 5). Search "PowerShell 7" in the Start menu to be sure.

Mac — Python 3

We will use Python 3 and a free helper package called cryptography. The setup takes about 5 minutes and only needs to be done once.

1

Open Terminal

Terminal is the command-line tool on Mac. You can find it two ways:

  • Spotlight (easiest): Press ⌘ Cmd+Space, type Terminal, press Enter.
  • Finder: Go to Applications → Utilities → Terminal.

A window opens with a prompt — this is your terminal. You type commands here and press Enter to run them.

2

Check that Python 3 is installed

Type the following and press Enter:

python3 --version
  • If you see Python 3.x.x — Python is installed. Go to Step 3.
  • If a popup appears asking to install developer tools — click Install and wait. Python 3 will be included.
  • If you see an error — go to python.org/downloads/macos, download the latest macOS installer, and run it. Then try the command above again.
3

Install the cryptography package

Type this and press Enter:

pip3 install cryptography

Wait until you see a line that says Successfully installed cryptography-.... This only needs to be done once ever.

If you see "pip3: command not found", try instead:
python3 -m pip install cryptography
4

Save your encrypted text to a file

Type this command and press Enter:

cat > ~/secret.txt

The cursor will move to a new blank line — that means Terminal is waiting for you to type or paste something.

  1. Paste your encrypted text: press ⌘ Cmd+V.
  2. Press Enter once more to go to a new line.
  3. Press Ctrl+D (hold Control, tap D). This saves the file.
Mac shortcut: If you already copied the encrypted text from the app, you can instead run:
pbpaste > ~/secret.txt
This pastes your clipboard directly into the file in one step.
5

Create the decryption script

We will use nano, a simple text editor built into Mac. Type this and press Enter:

nano ~/decrypt.py

The terminal changes to show a plain text editor. Now paste the script below (⌘ Cmd+V). Before pasting, change YOUR_PASSWORD_HERE to your actual password (keep the double quote marks around it).

import base64, os
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

password = b"YOUR_PASSWORD_HERE"

with open(os.path.expanduser("~/secret.txt")) as f:
    data = base64.b64decode(f.read().strip())

salt, iv, ciphertext = data[:16], data[16:28], data[28:]

kdf = PBKDF2HMAC(algorithm=hashes.SHA256(), length=32, salt=salt, iterations=100000)
key = kdf.derive(password)

plaintext = AESGCM(key).decrypt(iv, ciphertext, None)
print(plaintext.decode("utf-8"))

To save and close nano:

  1. Press Ctrl+X
  2. Press Y to confirm you want to save
  3. Press Enter to keep the filename decrypt.py
Password contains a double quote "? Write it as \" inside the script. Example: if your password is say "hi", write b"say \"hi\"".
6

Run the script

Type this and press Enter:

python3 ~/decrypt.py

Your decrypted message will appear on the next line.

Troubleshooting

❌ "cryptography.exceptions.InvalidTag"
The password is wrong. Open the script again (nano ~/decrypt.py), check the password carefully — watch out for capital letters and extra spaces — save, and run again.
❌ "ModuleNotFoundError: No module named 'cryptography'"
The package wasn't installed. Run: pip3 install cryptography
❌ "FileNotFoundError: … secret.txt"
The encrypted file wasn't saved. Repeat Step 4 carefully, especially the Ctrl+D at the end to save.
❌ "python3: command not found"
Python isn't installed. Follow Step 2 to install it from python.org, then try again.

Linux — Python 3

We will use Python 3 and the free cryptography package. Python 3 is pre-installed on most Linux distributions.

1

Open a Terminal

How to open a terminal depends on your desktop:

  • Ubuntu / GNOME: Press Ctrl+Alt+T, or search "Terminal" in the Activities overview.
  • KDE Plasma: Right-click the desktop and choose Open Terminal, or press Alt+F2 and type konsole.
  • Any desktop: Search for "Terminal" or "Console" in your application menu.
2

Check Python 3 and install if needed

Type this and press Enter:

python3 --version

If you see Python 3.x.x — skip to Step 3. If not, install it:

  • Ubuntu / Debian / Linux Mint: 
    sudo apt update && sudo apt install python3 python3-pip
  • Fedora / RHEL: 
    sudo dnf install python3 python3-pip
  • Arch / Manjaro: 
    sudo pacman -S python python-pip

You will be asked for your system password — type it and press Enter. Note: the password will not appear as you type. That is normal.

3

Install the cryptography package

pip3 install cryptography

Wait until you see Successfully installed cryptography-.... This only needs to be done once.

If you see a permissions error, try:
pip3 install --user cryptography
4

Save your encrypted text to a file

Type this command and press Enter:

cat > ~/secret.txt

The cursor moves to a blank line — Terminal is waiting for input.

  1. Paste your encrypted text. In most Linux terminals you paste with Ctrl+Shift+V (not Ctrl+V).
  2. Press Enter to go to a new line.
  3. Press Ctrl+D to save and close.
5

Create the decryption script

Open the nano text editor:

nano ~/decrypt.py

Paste the script below. Change YOUR_PASSWORD_HERE to your actual password first (keep the double quote marks).

To paste in nano: Ctrl+Shift+V (or right-click if your terminal supports it).

import base64, os
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

password = b"YOUR_PASSWORD_HERE"

with open(os.path.expanduser("~/secret.txt")) as f:
    data = base64.b64decode(f.read().strip())

salt, iv, ciphertext = data[:16], data[16:28], data[28:]

kdf = PBKDF2HMAC(algorithm=hashes.SHA256(), length=32, salt=salt, iterations=100000)
key = kdf.derive(password)

plaintext = AESGCM(key).decrypt(iv, ciphertext, None)
print(plaintext.decode("utf-8"))

Save and exit nano:

  1. Press Ctrl+X
  2. Press Y to confirm saving
  3. Press Enter to keep the filename
nano not found? Install it with: sudo apt install nano (Ubuntu/Debian) or sudo dnf install nano (Fedora).
Password contains a double quote "? Write it as \". Example: b"say \"hi\"".
6

Run the script

python3 ~/decrypt.py

Your decrypted message will appear on the next line.

Troubleshooting

❌ "cryptography.exceptions.InvalidTag"
The password is wrong. Open the script again with nano ~/decrypt.py, fix the password, save, and run again.
❌ "ModuleNotFoundError: No module named 'cryptography'"
Run: pip3 install cryptography or pip3 install --user cryptography
❌ "FileNotFoundError: … secret.txt"
The encrypted file wasn't saved. Repeat Step 4, and make sure you pressed Ctrl+D at the end to save it.
❌ "python3: command not found"
Python isn't installed. Follow Step 2 for your distribution.

Why this works without the app

This tool encrypts using only open, standardised algorithms — any implementation that follows the same format will produce the same result:

BytesLengthContents
0 – 1516 bytesRandom salt (for PBKDF2 key derivation)
16 – 2712 bytesRandom IV / nonce (for AES-GCM)
28 – (end−17)variableCiphertext
last 1616 bytesGCM authentication tag

PBKDF2-SHA256 (100,000 iterations) — open standard, defined in RFC 8018.
AES-256-GCM — NIST standard, available in .NET, Python, OpenSSL, Go, Rust, and more.

Back to App  ·  Privacy Policy  ·  © 2026 Amanda Hernow