Invisible Text

Hide a secret message inside ordinary text using invisible characters, optionally encrypted with a passphrase.

Secret message

What everyone else sees. Optional.

What this tool does

Invisible Text hides a secret message inside ordinary-looking text. The result can be pasted anywhere plain text goes — a chat message, a document, a code comment — and looks completely unremarkable. The hidden message travels with it.

How it works

Unicode defines characters that occupy no visual space. The two this tool uses are theU+200B zero-width space and the U+200C zero-width non-joiner. Your secret is converted to UTF-8 bytes, each bit becomes one of those two characters, and the resulting invisible string is woven into your visible text.

Because the encoding happens at the byte level, any language works — Korean, Arabic, emoji, and mathematical symbols all survive the round trip intact.

Hiding is not the same as encrypting

On its own, hidden text is concealment, not security. Anyone who suspects a message is present can extract it with this same tool, or with theUnicode Inspector.

Turning on the passphrase option encrypts your message with AES-256-GCM before it is hidden. The key is derived from your passphrase with 600,000 rounds of PBKDF2, which makes brute-force guessing expensive. An attacker who finds the hidden data still cannot read it.

Where it works, and where it doesn't

  • Usually survives: plain text files, most chat apps, email bodies, code editors, and clipboards.
  • Often stripped: rich text editors, social platforms that sanitise input, and forms that validate characters.
  • Always test first on the destination before relying on a hidden message reaching someone.

Common uses

  • Watermarking. Give each recipient a copy carrying a unique invisible marker, and a leak points back to its source.
  • Attribution. Embed authorship in text that will be copied around.
  • Messages in plain sight. Send something that looks ordinary to anyone glancing at it.
  • Teaching. Demonstrate Unicode steganography concretely rather than in the abstract.

FAQ

How does hiding text inside other text actually work?

Unicode includes characters that take up no visual space, such as the zero-width space (U+200B) and zero-width non-joiner (U+200C). OpenSeal converts your secret message into bytes, writes each bit as one of those two invisible characters, and inserts the result into your visible text. The message is physically present in the string, but nothing appears on screen.

Is my text sent to a server?

No. Every operation runs in your browser using JavaScript and the built-in Web Crypto API. OpenSeal has no backend and no database, so there is nowhere for your text to be sent. You can disconnect from the internet and the tool still works.

Should I use the passphrase option?

Yes, if the message is sensitive. Without a passphrase, anyone who suspects hidden text can decode it with the same tool. With a passphrase, the message is encrypted with AES-256-GCM before being hidden, so it cannot be read without the passphrase even if it is discovered.

Will the hidden message survive copy and paste?

Usually, but not always. Plain text fields, most chat apps, and code editors preserve the invisible characters. Platforms that sanitize input, rich text editors, and some social networks may strip them. Always test on the destination platform before relying on it.

Can invisible text be detected?

Yes. Anyone can paste the text into a tool like the OpenSeal Unicode Inspector and see the hidden characters immediately. Invisible text is concealment, not security. If the content matters, use a passphrase so it is encrypted as well as hidden.

What can I use this for?

Common uses include watermarking documents to trace leaks, adding invisible attribution to shared text, sending a message in plain sight, and teaching or demonstrating how Unicode steganography works.