How to implement ROT13 in JavaScript

Written by
Published on

ROT13 is a specific implementation of the Caesar cipher that replaces each letter with the letter that is 13 places down the alphabet. For example, the letter 'A' would be replaced by 'N', 'B' would be replaced by 'O', and so on. ROT13 is often used as a way to obscure text, for example, in online forums or newsgroups where the content of the message may not be suitable for all audiences.

To decode a message encoded with ROT13, you can simply apply the ROT13 algorithm again to the encoded message, since it is its own inverse, as there are 26 letters in the alphabet. This means that if you apply ROT13 to a string twice, you will get the original string back.

Here is a quick implementation of the algorithm using JavaScript:

function rot13(str) {
  // Create a new string to store the transformed characters
  let transformed = "";

  // Loop through each character in the string
  for (let i = 0; i < str.length; i++) {
    // Get the ASCII code of the current character
    let charCode = str.charCodeAt(i);

    // If the character is a letter (uppercase or lowercase)
    if ((charCode >= 65 && charCode <= 90) || (charCode >= 97 && charCode <= 122)) {
      // Shift the character 13 places
      charCode += 13;

      // If the character is now past the 'Z' or 'z', wrap it around
      if ((charCode > 90 && charCode < 97) || charCode > 122) {
        charCode -= 26;

    // Add the transformed character to the new string
    transformed += String.fromCharCode(charCode);

  // Return the transformed string
  return transformed;

Is it secure?

ROT13 is not a secure encryption algorithm and should not be used for sensitive communication. It is a very simple Caesar cipher that can be easily broken, even by hand.

The security of a Caesar cipher is directly related to the size of the shift used. In the case of ROT13, the shift is 13, which means that there are only 26 possible shifts (since the alphabet has 26 letters). This makes it relatively easy to break the cipher by trying all possible shifts and seeing which one produces the most readable message.

Additionally, ROT13 does not take into account the frequency of letters in the English language, which means that certain letters (such as 'E' and 'T') will still appear more frequently in the encoded message, making it even easier to break the cipher.

For these reasons, ROT13 should not be used for sensitive communication and should only be used for fun or for simple tasks such as obscuring text in online forums or newsgroups. If you need to securely transmit information, you should use a stronger encryption algorithm, such as AES or RSA.

Walter Guevara is a software engineer, startup founder and currently teaches programming for a coding bootcamp. He is currently building things that don't yet exist.


No messages posted yet

New articles published each week. Sign up for my newsletter and stay up to date.

Developer Poll 🐱‍💻


Add a comment

Send me your weekly newsletter filled with awesome ideas