Tool

AES Key Generator

Generate AES-128, AES-192, and AES-256 keys as hex or Base64.

Last updated April 1, 2026

Runs entirely in your browser — no data sent to servers. Privacy policy

How to Use This Tool

Select AES key size: 128, 192, or 256 bits. AES-256 is recommended for new applications.

Click Generate to create a cryptographically random key using Web Crypto.

Copy the hex or Base64 output for use in your encryption library.

Store keys in a secrets manager. Never hardcode AES keys in source code.

Code Examples

const crypto = require('crypto');
const key = crypto.randomBytes(32); // 256-bit AES key
const iv = crypto.randomBytes(12);
const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
let encrypted = cipher.update('secret data', 'utf8', 'hex');
encrypted += cipher.final('hex');

Frequently Asked Questions

Which AES key size should I use?

AES-256 is recommended for new applications. AES-128 is still secure but 256-bit provides a larger margin for long-term data protection.

Is AES the same as JWT encryption?

No. JWTs are typically signed (JWS) not encrypted. AES encrypts data at rest or in transit. JWE uses encryption for JWT payloads.

Hex or Base64 for storage?

Either works. Hex is common in config files. Base64 is more compact. Store in environment variables or a secrets manager.

Related Guides

Related Tools