Great! I was using this to encrypt all my super secret information, and now you’ve gone and blabbed about it to everybody. Now the bad guys know how to get at my super secret information! Thanks a lot!

It’s a website. Which means Google knows about it. And I think once Google knows about it, it’s pretty safe to say the rest of the world does, too.

This is what would be considered either “security theater,” or “security by obscurity,” and is a prime example of what _not_ to do if you want your information to be secure.

The SHA1 hash is great for encrypting. It’s very secure.
But the most important part of the entire encryption process is that you know what the decryption key is, and NOBODY else does.
In this case, not only does somebody else (the website owner) know what the decryption key is, but you DON’T! You’ve encrypted your super secret information, and given somebody you don’t know the only key.

Not only that, but you’ve also simply exchanged the insecure email for an insecure website. If you’re so concerned about BadGuy sniffing your or the recipient’s email connection, then BadGuy is also going to be in a position to sniff the insecure connection to this website when you send your text to be encrypted/decrypted.

The ONLY secure method for email is to encrypt the email directly on your computer, with either the recipient’s public key, or a shared key that only the two of you know.

A shared key is not as secure, because even if you delete the unencrypted copy of the email, someone can still decrypt with your copy of the shared key.
With the recipient’s public key, once you’ve encrypted the email, you cannot decrypt it again with the same key. The only key that will decrypt that email is the recipient’s private key, which you don’t know. If you properly delete the unencrypted email, the contents CANNOT be decrypted on your end, even if someone steals your computer. The ONLY person who can decrypt is the recipient.

Now THAT’S real security.