Privacy Scrubber (PII + Secrets)

text

Scrub sensitive data from logs, tickets, and pastebins by redacting common PII and secret-like tokens. Choose mask vs remove, tune what to detect, and optionally include a redaction report with counts.

Privacy Scrubber (PII + Secrets)
Redact emails, phone numbers, IPs, UUIDs, JWTs, and common API keys from text—locally in your browser
Characters: 0Words: 0Sentences: 0Lines: 0

Options

Characters: 0Words: 0Sentences: 0Lines: 0

Privacy Scrubber - Redact PII & Secrets from Text | Free Online Tool

What is a privacy scrubber?

A privacy scrubber redacts sensitive strings in text so you can safely share logs, tickets, and snippets. Use it to remove common PII (emails, phone numbers, IP addresses) and secret-like tokens (JWTs and some popular API key formats) before pasting into Slack, GitHub, or a support form. This tool runs locally in your browser, so your text stays on your device.

How to use the Privacy Scrubber

  1. Paste your text: Add logs, error messages, or a draft support ticket (up to the limit shown in the tool).
  2. Choose what to redact: Toggle emails, phone numbers, IPs, UUIDs, JWTs, and “common API keys”.
  3. Copy the redacted output: Use Mask to replace matches with labels (recommended), or Remove to delete matches entirely.

Why use this Privacy Scrubber?

  • Share logs without leaking identity: Redact customer emails, staff phone numbers, or internal IPs before you post a traceback.
  • Reduce “oops” moments with tokens: Catch JWTs and common API key formats in pasted headers and config.
  • Stay fast and private: Redaction runs in your browser (no uploads), which is helpful when the text includes sensitive incident details.

Use case 1: Sharing an API error in a GitHub issue

When an API call fails, it’s common to paste request/response samples that contain email addresses, IPs, and Authorization tokens. Scrub the snippet first, then share it publicly with less risk.

Use case 2: Removing PII from support tickets

Support transcripts often contain phone numbers and email addresses. Redact them before you forward the content to a vendor or contractor who doesn’t need the original identifiers.

Use case 3: Sanitizing logs for debugging in chat

Slack and Discord are convenient, but they’re not always the right place for secrets. Scrub a log snippet, then paste the cleaned version for quick debugging.

Examples

Basic example (mask mode)

Input:

User email: sarah.connor@example.com
Client IP: 203.0.113.42
Request id: 7b2c6a2d-3b7c-4c5f-9b21-3f4f2d9a1c0e
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ1c2VyLTEyMyIsImVtYWlsIjoic2FyYWguY29ubm9yQGV4YW1wbGUuY29tIn0.something-something-signature

Output (example):

User email: [REDACTED:EMAIL]
Client IP: [REDACTED:IP]
Request id: [REDACTED:UUID]
Authorization: Bearer [REDACTED:JWT]

Advanced example (text + report)

Input:

Failed login from +1 (415) 555-0139
Temporary key: sk-live-1234567890abcdef1234567890abcdef
Secondary email: ops+alerts@company.example

Output (example):

Failed login from [REDACTED:PHONE]
Temporary key: [REDACTED:API_KEY]
Secondary email: [REDACTED:EMAIL]

---- Redaction report ----
emails: 1
phones: 1
ipAddresses: 0
uuids: 0
jwts: 0
apiKeys: 1

Common errors

“It redacted something that wasn’t sensitive”

Some detections (especially phone numbers and “generic-looking” keys) are heuristics. If you see false positives, turn off that detector and rerun. If you’re using Remove, follow up with the whitespace remover to clean up double spaces or blank lines.

“It didn’t catch my secret”

Not all tokens have a consistent format, and many secrets are organization-specific. This tool catches a handful of common patterns (plus JWTs), but it can’t guarantee it will find every credential. If you suspect a leak, rotate the secret and treat the original text as compromised.

“My output formatting looks messy”

When you remove matches, you may end up with extra spaces or punctuation. Use the remove formatting tool for copy/paste cleanup or run a regex test to spot patterns you want to handle manually.

Tips and proven approaches

  • Prefer “Mask” for debugging: Masking keeps the structure of logs intact (line lengths, punctuation, and context), which makes debugging easier than deleting content.
  • Scrub before you format: If your logs include JSON bodies, scrub first, then run the output through the JSON formatter so you don’t accidentally “pretty print” secrets into multiple lines.
  • Treat redaction as a safety net, not a policy: If text contains production secrets, the safest move is still to avoid sharing it and rotate any exposed credentials.

Related tools

Privacy and security

This privacy scrubber runs in your browser. Text you paste here is processed locally and isn’t uploaded by this tool. Redaction is not encryption—if you suspect a credential was exposed, rotate it and invalidate any affected sessions.

Frequently Asked Questions
It redacts common sensitive patterns like emails, phone numbers (best-effort), IP addresses, UUIDs, JWTs, and a handful of popular API key formats (e.g., AWS/GitHub/Slack/Stripe-style tokens).
No. Secret formats vary widely, and any pattern-based detector can miss novel formats or match false positives. Use this as a fast first pass, then review before sharing.
Yes. Text is processed in your browser and isn't sent to a server by this tool.

Related Tools

6 more

More tools in text

Remove Text Formatting

Remove HTML, emojis, and non-printable characters

text
Try it

Whitespace Remover

Remove or normalize whitespace in text

text
Try it

JSON Formatter

Format and beautify JSON with proper indentation

code
Try it

Regex Tester

Test regex patterns with live matches and explanations

code
Try it

Lowercase Converter

Convert all text to lowercase letters

text
Try it

Uppercase Converter

Convert all text to UPPERCASE letters

text
Try it