Skip to content
Pixora
privacyredactionblursecurity

How to Blur Faces and Redact Photos Properly

A blur only protects you if the hidden pixels are gone from the exported file — and if the blur is strong enough that nobody can rebuild what was under it. Here is how to get both right.

By 7 min read

To redact a photo safely, cover the sensitive area and export a new flattened file, so the original pixels are physically gone rather than merely hidden under a layer. That is the whole game: a redaction is only as strong as what survives in the bytes you actually hand over.

Most redaction failures are not exotic. They come from tools that draw something *over* sensitive content while leaving the original data intact underneath, and from blurs that are too weak to resist a patient guess. This post covers both, and how to avoid them.

What redaction actually means

Redaction means the sensitive pixels no longer exist in the file you share. Not covered, not hidden behind a shape, not on a layer you flattened in preview but not on export — gone. The reliable test is simple: after you save, the only way to recover the hidden content should be to guess it, never to extract it.

When you blur or pixelate a region and export a standard JPG or PNG, the tool resamples that region and writes the new pixels into a single flat image. There are no layers in a JPG. That is exactly what you want — provided the export really is a fresh flattened image and not a wrapper around the original.

The failure modes that leak

Three well-documented classes of leak explain almost every embarrassing redaction story. Knowing them tells you what to avoid.

The selectable-text PDF. People draw a black rectangle over a name or account number in a PDF and think it is hidden. It is not. The text object still sits in the document underneath the rectangle, so anyone can select it, copy it, or pull it out with a text extractor. The black box is a drawing on top, not a deletion. Governments and law firms have shipped documents like this.

The Acropalypse class of bug. In 2023, a flaw nicknamed aCropalypse was found in the Google Pixel Markup editor and in the Windows Snipping Tool. When you cropped or drew over a screenshot and saved it over the original file, the editor wrote the new, smaller image but did not truncate the file — the leftover bytes of the *original* image stayed on the end. Tools could reconstruct much of what you thought you had cropped away. The lesson: trust a freshly written file, not an in-place overwrite of the source.

The platform that keeps the original. Some social and messaging platforms store the image you first uploaded and generate their own display copies. If you edit or delete after posting, the original may persist on their servers. Redact before the first upload, never after.

Why each leak happens, and the fix.
FailureWhat leaksThe fix
Black box in a PDFSelectable text under the boxFlatten to an image; redact that
aCropalypse-style overwriteOld bytes left after the visible imageExport a new file, do not overwrite in place
Platform-side copyThe original uploadRedact before you ever upload
Weak blur on small textContent rebuilt by brute forceLarge radius, or a solid rectangle

Why a weak blur can be reversed

This is the part most guides skip. Blur and pixelation are deterministic filters: the same input pixels always produce the same output. That makes them reversible by brute force whenever the hidden content is drawn from a *small, low-entropy* set of possibilities.

Suppose you blur a four-digit PIN, a short number plate, or a date of birth. An attacker does not need to un-blur anything. They render every candidate — all ten thousand PINs, say — apply the exact same blur you used, and compare each result to your blurred region. The one that matches is the answer. Low-entropy content plus a known filter equals recoverable content.

  1. The attacker guesses the format of the hidden data — for example, a 4-digit code.
  2. They generate every possible value in that format.
  3. They apply the same blur radius or pixelation block size to each candidate.
  4. They compare each blurred candidate to your redacted region and keep the closest match.

When a blur is the right tool — a face, a body, a background you only want softened — make it strong. Use a large radius or a large pixelation block, big enough that fine structure is destroyed rather than smeared. A gentle blur that leaves edges and shapes readable is worse than useless, because it looks redacted while it is not.

How to redact in Pixora

Pixora's blur tool runs entirely in your browser and exports a flattened image, so the covered pixels are genuinely resampled on the way out. One thing to be clear about: it has no face detection. There is no AI finding faces for you. You drag the boxes over each region yourself, which means you are responsible for covering every sensitive area — but it also means nothing about your image is analysed on a server.

Blur or pixelate an image
  1. Open the image and drag a box over each face, plate, screen, or block of text you want hidden.
  2. Choose blur for organic subjects like faces; choose pixelate for a blockier look.
  3. Turn the strength up. A large radius on a small region is cheap insurance.
  4. For anything an attacker could guess — codes, plates, dates — cover it solidly rather than blurring.
  5. Export the new file and check it at full zoom before you share it.

Zoom to 100 percent on the exported copy and look at each redacted region. If you can still make out a shape, a digit, or an edge, it is not strong enough. Redo it before the file leaves your device.

Blurring a face is only half the job

A photo carries more than pixels. Most camera and phone images embed EXIF metadata: the model of the device, the exact timestamp, and often the GPS coordinates of where the shot was taken. Blurring the face in the frame does nothing to those fields. You can hide who is in a photo and still broadcast the street it was taken on.

Re-exporting through an editor often drops metadata as a side effect, but do not rely on that — confirm it. Run the file through the EXIF remover to inspect what is embedded and strip it. Location data is the part that most often turns an anonymous photo into an identifiable one.

Inspect and strip EXIF and GPS data

A workflow that does not leak

  1. Work from a copy, so a mistake never touches your only original.
  2. Redact every sensitive region — strong blur for faces, solid fill for guessable secrets.
  3. Export a brand-new file rather than overwriting the source in place.
  4. Strip EXIF and GPS from the exported copy.
  5. Zoom in and verify every region before the file is ever uploaded or sent.
A redaction you can see through at 100 percent zoom is not a redaction. It is a suggestion.

Do the covering first and the check last, and do both before the first upload. That order is what separates a photo that is safe to share from one that only looks safe.

Redact a photo now

Quick answers

Can a blur really be reversed?

Only when the hidden content is drawn from a small, guessable set and the blur is weak. A short PIN behind a light blur is recoverable by brute force; a face behind a heavy blur, with no small alphabet to search, is not a realistic target. Match the method to the content.

Does Pixora detect faces automatically?

No. There is no face detection and no AI analysis. You drag the boxes over the regions you want hidden. That keeps the work local and gives you full control over exactly what is covered.

Is blur or pixelate more secure?

Neither is secure for low-entropy content, because both are reversible filters. For a face, a strong version of either is fine. For anything guessable, skip both and use a solid fill.

Is any of this uploaded?

No. Blurring and metadata removal run in your browser, so the sensitive image never travels to a server in the first place — which is the point of redacting before you share.