Security Encyclopedia


Plaintext is what encryption algorithms, or ciphers, transform an encrypted message into. It is any readable data — including binary files — in a form that can be seen or utilized without the need for a decryption key or decryption device.

Plaintext would refer to any message, document, file, and the like intended or having been encrypted. Plaintext is the input to a crypto system, with ciphertext being the output. In cryptography, algorithms transform plaintext into ciphertext, and ciphertext into plaintext. These respective processes are called encryption and decryption. The basis for using such a system is to ensure that the data can only be read by its intended recipient.

Securing plaintext stored in a computer file is paramount, as its unsanctioned theft, disclosure, or transmission results in its contents being fully disclosed and thus potentially actionable. If stored, then, the storage media, the device, its components, and all backups must be secured.

It's standard operating procedure encrypt sensitive data before it is stored or transmitted rather than store or communicate it as plaintext. Data owners or custodians have come to accept that the systems inside which plaintext is stored, and the communications channels over which it travels, are insecure. It is therefore better to handle the data itself with care just as the systems themselves are secured.


"If you are storing user data or sending any part thereof over the wire, make sure it is encrypted. Passwords and similar credentials should never be stored or shared in plaintext."