
Security · Updated June 8, 2026

How client-side encryption works in a data room

Summary

Token encrypts each file in your browser with AES-256-GCM and PBKDF2 key derivation before anything uploads. The service stores ciphertext only; the room password never leaves the people you share it with. Recipients decrypt in their own browser — nothing is decrypted on Token servers.

What actually happens when you upload

When you add a file to a Token room, the app derives an encryption key from your room password and a per-file salt using PBKDF2, then encrypts the file with AES-256-GCM in the Web Crypto API.

Only the encrypted blob — plus salt, IV, and metadata like filename and MIME type — is sent to storage. If someone accessed storage without your password, they would see opaque binary, not your documents.
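The upload and decrypt path described above, sketched with the Web Crypto API as an added example (this is not Token's code). The iteration count, SHA-256 as the PBKDF2 hash, the salt and IV sizes, and all function names are assumptions, since the page does not state them.

```javascript
// Added illustration, not Token's source code.
// Browsers expose Web Crypto as globalThis.crypto; older Node needs the module.
const webcrypto = globalThis.crypto ?? require("node:crypto").webcrypto;

// Assumed parameters: the page names PBKDF2 and AES-256-GCM only.
const PBKDF2_ITERATIONS = 600000;
const SALT_BYTES = 16;
const IV_BYTES = 12; // 96-bit IV, the usual size for GCM

// Room password + per-file salt -> 256-bit AES-GCM key.
async function deriveKey(password, salt) {
  const material = await webcrypto.subtle.importKey(
    "raw", new TextEncoder().encode(password), "PBKDF2", false, ["deriveKey"]);
  return webcrypto.subtle.deriveKey(
    { name: "PBKDF2", hash: "SHA-256", salt, iterations: PBKDF2_ITERATIONS },
    material,
    { name: "AES-GCM", length: 256 },
    false, // non-extractable: page script cannot export the raw key bytes
    ["encrypt", "decrypt"]);
}

// Returns what would be uploaded: salt, IV and ciphertext (GCM tag appended).
// The password and the derived key stay in the browser.
async function encryptFile(password, plaintext) {
  const salt = webcrypto.getRandomValues(new Uint8Array(SALT_BYTES));
  const iv = webcrypto.getRandomValues(new Uint8Array(IV_BYTES));
  const key = await deriveKey(password, salt);
  const ciphertext = new Uint8Array(
    await webcrypto.subtle.encrypt({ name: "AES-GCM", iv }, key, plaintext));
  return { salt, iv, ciphertext };
}

// Returns the plaintext bytes, or null when the GCM tag does not verify,
// which is how a wrong password or a modified blob is detected locally.
async function decryptFile(password, { salt, iv, ciphertext }) {
  const key = await deriveKey(password, salt);
  try {
    return new Uint8Array(
      await webcrypto.subtle.decrypt({ name: "AES-GCM", iv }, key, ciphertext));
  } catch {
    return null; // Web Crypto rejects decrypt when authentication fails
  }
}
```

Because the GCM tag check fails for a wrong key, the recipient's browser can tell a bad password from a good one without any server-side validation step.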

What recipients experience

After any NDA or access gate you configured, the recipient enters the same room password you shared out of band (email, call, etc.). Decryption runs locally in their browser. Previews may show a watermark; downloads are the original decrypted file.

  • Password is not stored on Token servers
  • Decryption is local — no server-side plaintext
  • Revoking the link stops new fetches; old downloads are already local

What this does and does not promise

Client-side encryption is a strong default for outsider file drops: it reduces trust in the host and keeps a clear mental model (link + password).

It does not replace your own policies on who receives the password, device security, or regulatory programs. Token does not claim GDPR certification — we describe encryption and user control accurately.


Frequently asked questions

Does Token ever see my room password?
No. The password is used in the browser to derive keys. It is not sent to Token for storage or validation of decryption.

What algorithm does Token use?
AES-256-GCM for file encryption, with per-file salt and IV and PBKDF2 for key derivation via the Web Crypto API.

Can Token recover my files if I lose the password?
No. Without the password, ciphertext cannot be decrypted. Keep the password in your password manager or share it through a separate channel.

Is this the same as end-to-end encryption for chat?
Same idea for files: only people with the password can decrypt. Token does not operate a messaging layer; it is a bounded document room.
