Choose a passphrase and remember it. A message can be decrypted only with the same passphrase that was used to encrypt it. Share the passphrase with the receiver via a secure channel separately from the message. The encryption uses PBKDF2 (SHA-256, 250,000 iterations) to derive a 256-bit AES-GCM key from the passphrase and a fresh random salt for every encryption.