How to Redact a Screenshot Without Uploading It Anywhere
You need to share a screenshot. A bug report, a support ticket, a Slack message, a post asking for help. Somewhere in that image is something that should not travel with it: a customer email, an API key in a terminal, an account number, an internal IP. The question is how to black it out properly, and the trap most people fall into is the first search result: an "upload your file, we'll redact it" web service. To remove sensitive data from a file, you send the unredacted file to a stranger's server. That is backwards.
What Actually Leaks in a Shared Screenshot
- Text in the pixels. Emails, phone numbers, card numbers, SSNs, API keys and tokens, IP addresses, order and account IDs. These are the obvious ones, and the ones people still miss when they are in a corner of the window.
- Metadata. PNG and JPEG files can carry EXIF blocks, timestamps, and embedded text chunks. None of it is visible in the image, all of it travels with the file.
- The stuff you did not scroll past. Browser tabs, notification popups, taskbar items. Look at the whole frame before you share, not just the part you care about.
Why Blur Alone Can Fail You
Light Gaussian blur and coarse pixelation over short, high-contrast text are not always one-way. Researchers have repeatedly shown that mosaic-style pixelation of known fonts can be reversed by brute force, and weak blur can be sharpened enough to read. The safe rule is simple: for text you truly cannot leak, use a solid bar. Blur is fine for softening a face or a background, or lowering the prominence of low-stakes content. For credentials and identifiers, opaque rectangles only.
Also check your editor's history. Some annotation tools save the rectangle as a removable layer on top of the image. Export a flattened PNG, never the editable project file.
The On-Device Way, Step by Step
- Take the screenshot and keep it local. Do not paste it into a web service to crop or annotate it.
- Scan it for PII before you trust your eyes. Eyes miss things, especially in dense terminal output or long tables. This is where OCR helps: software reads the text in the image and flags anything that matches a sensitive pattern.
- Cover with solid bars, then flatten. Draw opaque rectangles over every match. Export a new PNG so no editable layers survive.
- Strip the metadata. Remove EXIF and text chunks from the exported file. Many tools skip this step; make sure yours does not.
What About Text, Not Images
The same logic applies to pasting logs, error messages, or customer records into a chat, a ticket, or an AI assistant. Scrubbing by hand is error-prone. Pattern detection does it better: real validators (Luhn checks for card numbers, phone-plan rules for phone numbers, entropy checks for API keys) catch what a skim misses, and you review the highlights before anything is replaced.
Your Options, Honestly Compared
- Adobe Acrobat Pro has proper redaction, but it is PDF-focused, and redaction is only in the Pro tier at $19.99 per month on an annual plan. If your job is a screenshot or a block of text, that is a lot of subscription for a rectangle.
- Upload-based services (Redactable and similar) do good automated work on documents, with plans starting around $29 per month, but the model requires sending the unredacted file to their servers first. For regulated or simply private material, that can be exactly the thing you were trying to avoid.
- Your OS screenshot editor is free and local, but it will not find PII for you, blur there can be weak, and it does not strip metadata.
- An on-device redaction tool gives you the automation without the upload. This is the gap Redact was built for.
Where Redact Fits
Redact is a browser extension that does everything above locally. Paste text and it highlights emails, phones, SSNs, cards, IPs, API keys and IDs for one-click redaction. Drop in a screenshot, draw bars, and export a flattened PNG with metadata already stripped. The Pro tier ($12 one time, no subscription) adds on-device OCR auto-detection, blur and pixelate styles, batch processing, and custom patterns. The OCR engine is bundled with the extension, so even that runs without a network call. The only request the app ever makes is verifying a Pro license key.
It is coming to the Chrome Web Store now (in review). The free tier ships inside the extension; Pro is available today.
Get Redact Pro, $12 One-TimeOr read more about how it works on the Redact home page.