PII Masking Tool
Privacy utility · No upload

Mask sensitive text before you paste it elsewhere.

Detect common emails, phone numbers, card-like numbers, Korean resident-number-like patterns, IP addresses, and custom terms. Processing stays inside your browser.

Original text

This helper uses pattern-based masking. It can miss unusual formats and may over-mask normal text. Review the result before sharing.

Masked output

Total masks0
Email0
Phone0

Best used before pasting logs, support tickets, chat transcripts, or customer notes into third-party tools.

Technical Security Analysis of Local Mask sensitive text before you paste it elsewhere. & Web Cryptography

Securing sensitive data requires robust client-side sanitization. Modern browsers provide the window.crypto API, enabling cryptographically secure pseudo-random number generation (CSPRNG) and hardware-accelerated encryption via Web Crypto standards. When you encrypt text or files, PBKDF2 derives key bytes from your passcode, and AES-256 GCM encrypts the payload, ensuring data integrity without sending keys to a backend server. Similarly, PII risk scanners use regex-matching queues to detect pattern structures like emails or credit cards, and mask them in-tab. Running security checks inside the client sandbox prevents telemetry leaks, protecting proprietary credentials, API logs, and customer database drafts from external interception.

Specifically, this Mask sensitive text before you paste it elsewhere. utility is designed to mask emails, phone numbers, card-like numbers, id-like patterns, and custom words locally before sharing text with teammates or ai tools. It runs with zero server dependencies, ensuring complete security and zero latency.

How to Use

  1. Input your raw logs, JSON objects, files, or sensitive text strings into the secure local container.
  2. Define your parameters (e.g. choose PII masking levels, or input an encryption passcode for AES-256 GCM).
  3. The client-side cryptography engine processes the data instantly without sending packets over the network.
  4. Copy the sanitized text or download the encrypted secure bundle directly from your local browser tab.

Common Use Cases

PII-Sanitized LLM Prompting Find and mask sensitive names, API keys, or email addresses in log files before pasting them into external AI chats.
Passcode-Protected File Encryption Encrypt configuration files or confidential text blocks using AES-256 locally before sharing them via insecure channels.
Decoupled JWT Claims Verification Decode JSON Web Tokens in-browser to verify authorization claims without sending auth keys to online web decoders.

Frequently Asked Questions

How can I be sure my sensitive logs are not sent to any servers?

The page runs serverless on edge infrastructure, utilizing local JavaScript loops. Network inspect tools prove zero packets are sent during processing.

Is the AES-256 file encryption cryptographically secure?

Yes. It uses the standard Web Crypto API with Galois/Counter Mode (GCM), providing both confidentiality and integrity authentication.

What categories of PII can the scanner detect?

The local engine scans for emails, phone numbers, API keys, credit cards, social security numbers, and common database logs.

Can the local JWT decoder modify token contents?

No, it parses and decodes the Base64URL-encoded JSON structures locally to show claims without validating signatures against an external server.