Photo Censor/Blur Tool

Blur or pixelate areas of an image for privacy. Draw rectangles over faces, text, or sensitive info, then download the censored version.

The Photo Censor/Blur Tool obscures selected rectangles of an image with either a Gaussian blur or a pixelation mosaic, baking the effect into the pixels of the downloaded file. All processing runs in your browser via the Canvas API, which renders the image from raw pixels and discards EXIF, GPS, and camera metadata in the process. Use high or maximum strength whenever you are covering text, since light pixelation has been shown to be reversible.

Ad
Ad

About Photo Censor/Blur Tool

How to Use the Tool

StepAction
1. Upload imageClick the upload area or drag and drop a file
2. Choose blur modeSelect Gaussian Blur (smooth) or Pixelate (mosaic blocks)
3. Set strengthAdjust the slider to control how heavily the content is obscured
4. Draw regionsClick and drag on the image to draw rectangles over sensitive areas
5. Adjust or removeClick X on any region to remove it, or draw additional regions
6. DownloadThe effect is permanently baked into the output image

Blur vs Pixelate

ModeHow It LooksHow It WorksBest For
Gaussian BlurSmooth, out-of-focus appearanceAverages nearby pixels using a Gaussian function, creating a soft blendFaces, natural images, when you want a subtle look
PixelateLarge coloured blocks (mosaic)Divides the region into blocks and fills each with the average colourText, licence plates, classic censoring look, screenshots

Both modes permanently modify the pixel data in the output image. The original content underneath the blurred or pixelated region cannot be recovered from the downloaded file.

What to Censor: Common Scenarios

ScenarioWhat to BlurRecommended ModeStrength
Sharing screenshots with personal dataEmail addresses, phone numbers, account numbersPixelateHigh - text must be completely unreadable
Posting photos with facesFaces of people who did not consentBlurMedium to high - features should be unrecognisable
Sharing car photos onlineLicence platesPixelate or blurHigh
Bug reports with sensitive dataAPI keys, passwords, tokens visible in screenshotsPixelateMaximum - no characters should be guessable
Real estate photosNeighbour's property, house numbersBlurMedium
Medical or legal documentsPatient/client names, dates of birth, case numbersPixelateMaximum

Security Considerations

ConcernIs It Safe?Details
Can the blur be reversed?NoThe download contains only the blurred/pixelated pixel data. Original pixels are discarded
Is the image uploaded anywhere?NoAll processing happens in your browser using the Canvas API. Nothing is sent to a server
Does EXIF data remain?NoCanvas export strips all metadata including EXIF, GPS, and camera information
Can AI reconstruct the text?At high blur/pixelation, noUse maximum strength for text - low strength may still allow AI-assisted guessing of characters
Is the original file modified?NoThe original file is untouched. You download a new, separate image

Important: use maximum strength for text censoring. Research has shown that lightly pixelated text can sometimes be reconstructed, especially for short strings like passwords or licence plates. When in doubt, censor more aggressively.

Blur Strength Guide

Strength LevelEffectSafe For Censoring?
Low (10-20%)Slight softening, details still partially visibleNo - details can often be guessed or reconstructed
Medium (40-60%)Details obscured, shapes still recognisableOK for faces and large objects, not for text
High (70-90%)Content unrecognisable, only colours remainYes - safe for most content
Maximum (100%)Completely obscured, no recognisable featuresYes - recommended for text, numbers, and sensitive data

Why Light Pixelation Is Not Safe for Text

Light pixelation can be reversed by matching blocks against a reference alphabet rendered in the same font. In 2020, a security researcher publishing under the handle spipm released Depix, an open-source proof of concept that recovers plaintext from screenshots pixelated with common tools like Greenshot and GIMP. It works because linear box-blur filters are deterministic - the same text rendered in the same font at the same block size always produces the same averaged colours, so a brute-force lookup against a De Bruijn reference sheet recovers the original characters.

JUMPSEC Labs published results in 2022 replicating the attack against common monospace fonts such as Consolas, Monaco, and Courier New. Short, high-entropy strings like passwords and MFA codes were the easiest to recover. Proportional fonts and heavy compression reduce success rates but do not make redaction safe. In 2021 a US cybersecurity researcher used unblur techniques on a Washington Post report to reconstruct blurred email addresses in court documents, confirming the attack generalises beyond lab conditions.

Worked example of the risk: a screenshot of a six-digit authenticator code pixelated at 8 px blocks in Consolas has roughly 106 possible values. Depix can evaluate all of them in under a second on a laptop, so the "censored" code is effectively plaintext for an attacker. Raising the block size to 32-40 px and switching to a proportional font roughly halves the recovery rate, but the only provably safe option for sensitive text is to paint a solid opaque rectangle over it. This tool achieves that at maximum strength because the block size exceeds the character height - use the slider at 40 or above when covering codes, keys, or short identifiers.

What Data Can Leak From a Shared Photo?

Shared photos leak far more than the visible subject. A typical JPEG from a modern smartphone carries EXIF metadata that records the exact GPS coordinates, altitude, timestamp, camera model, serial number, and lens used. According to the UK Information Commissioner's Office (ICO), accidental disclosure through photo metadata remains a recurring personal-data breach category, and mainstream social platforms strip only a subset of this information on upload. Facebook, Instagram, and WhatsApp remove GPS and camera serial on public posts but retain them internally; direct messages on Telegram and Signal preserve the full EXIF block when sent as a "document" rather than a compressed image.

Data FieldWhat It RevealsStripped by This Tool?
GPS latitude/longitudeExact location to within a few metresYes - Canvas export discards EXIF
Camera serial numberLinks all photos from the same deviceYes
TimestampExact date and time of captureYes
Device modelPhone or camera usedYes
Editing history (XMP)Software used and prior editsYes
Visible faces, plates, textDirect personal dataOnly if you draw a region over them

The Canvas API re-encodes the image from pixel data, so the downloaded file contains only the visible pixels - nothing else. This behaviour is standard across all modern browsers per the HTML Living Standard. For extra safety, you can also strip metadata from untouched images using a dedicated image compressor pass, which goes through the same Canvas pipeline.

How Gaussian Blur and Pixelation Work Internally

Gaussian blur convolves each pixel with neighbours weighted by a 2D Gaussian distribution, producing a smooth falloff controlled by the radius sigma. Pixelation divides the region into N×N blocks and replaces every pixel in a block with the block's average colour, which is mathematically equivalent to a box-filter downsample followed by a nearest-neighbour upsample. The tool uses the browser's native CanvasRenderingContext2D.filter = "blur(Npx)" for Gaussian mode and a temporary downsample canvas for pixelation, both of which are GPU-accelerated in Chrome, Firefox, and Safari.

Rule of thumb: to defeat pixel-matching recovery, the effective block size should be larger than the character height being covered. For 14 pt screen text that is roughly 20 px at typical DPI, so a pixel block of 24-32 px is the minimum. The strength slider in this tool maps directly to pixel-block size at a 1:2 ratio, so set it to 40 or above for any text containing passwords, tokens, medical numbers, or financial details. Faces are more forgiving because human features carry lower high-frequency information than text - a strength of 20-30 is usually enough to defeat both human and automated re-identification at social-media resolutions.

Best Practices for Sharing Redacted Images

Before publishing any censored image, apply these four rules. They are drawn from guidance by the UK ICO, the US NIST Privacy Framework, and published redaction-failure case studies.

RuleWhy It Matters
Use a solid opaque rectangle (max strength pixelation) for textDepix and similar tools recover low-strength pixelated text with 70-90% accuracy on common fonts
Redact in a rasterised export, never a PDF annotation layerPDF annotations can be removed; only flattened pixels are safe
Check the scroll area and reflectionsAddress bars, taskbars, notification pop-ups, window reflections, and screen glare all leak data
Recheck after resizingDownsizing can make previously unreadable text legible if the original was over-blurred
Strip metadataCanvas export (this tool) discards EXIF and GPS. Other tools may preserve it

For full-image artistic softening rather than targeted censoring, try the image filters tool. For removing unwanted areas entirely rather than obscuring them, the image cropper is more appropriate - cropped pixels are gone, not blurred. If you want to shrink the censored output for email or a web upload, run it through the image compressor afterwards. All three tools work entirely in your browser and never transmit your image.

Sources

Frequently Asked Questions

What is the difference between blur and pixelate modes?

Blur applies a Gaussian blur effect that smoothly obscures the content. Pixelate reduces the region to large blocks, giving a classic mosaic censoring effect. Both effectively hide the original content, but pixelate tends to be more recognisable as intentional censoring.

Can I add multiple blur regions?

Yes. Draw as many rectangles as you need. Each region can be individually removed by clicking its X button. All regions use the same blur mode and strength setting.

Is the blur permanent in the downloaded image?

Yes. The downloaded image has the blur or pixelation baked into the pixels. The original content behind the blurred areas cannot be recovered from the downloaded file.

Is my image uploaded to a server?

No. All processing happens entirely in your browser using the Canvas API. Your image never leaves your device, which is especially important when you are censoring sensitive information.

Link to this tool

Copy this HTML to link to this tool from your website or blog.

<a href="https://toolboxkit.io/tools/photo-blur-tool/" title="Photo Censor/Blur Tool - Free Online Tool">Try Photo Censor/Blur Tool on ToolboxKit.io</a>