Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Base64 Encoder/Decoder
Base64 encoding converts binary data into a text-safe format that can be transmitted through systems designed for text.
This Base64 encoder decoder handles both directions instantly: paste plain text or binary data to encode it to Base64, or paste a Base64 string to decode it back to its original form.
Developers encounter Base64 encoding daily. Email attachments are Base64-encoded for transmission through SMTP. Inline images in HTML and CSS use Base64 data URIs. API authentication headers carry Base64-encoded credentials. JWT tokens contain Base64URL-encoded payloads. Configuration files embed certificates and keys as Base64 strings. Understanding and working with Base64 is a core developer skill.
This tool encodes and decodes in your browser with no data sent to any server. It handles standard Base64 and Base64URL variants, supports UTF-8 text input, and provides clean output ready to copy and use in your code, configuration, or API calls.
What Is Base64 Encoding
Base64 is a binary-to-text encoding scheme that represents binary data using 64 printable ASCII characters. The 64 characters are A-Z (26), a-z (26), 0-9 (10), plus (+), and forward slash (/), with equals (=) used for padding. The Base64URL variant replaces + with – and / with _ to make encoded strings safe for use in URLs and filenames.
The encoding process works by taking three bytes (24 bits) of input data and splitting them into four 6-bit groups. Each 6-bit group maps to one of the 64 characters in the Base64 alphabet. This means Base64-encoded output is always approximately 33% larger than the input because three bytes of data become four bytes of text.
If the input length is not a multiple of three bytes, padding is added. One remaining byte produces two Base64 characters plus two padding characters (==). Two remaining bytes produce three Base64 characters plus one padding character (=). This padding ensures the encoded string length is always a multiple of four.
When to Use Base64
Email attachments (MIME). The MIME standard requires binary attachments in email to be encoded as text because SMTP was designed to handle only 7-bit ASCII text. Base64 is the standard encoding for email attachments, inline images, and any non-text content in email messages.
Data URIs. HTML and CSS can embed small files directly in the markup using data URIs. The format is data:[mediatype];base64,[encoded-data]. For example, a small PNG image can be embedded directly in an HTML img tag or a CSS background-image property without requiring a separate HTTP request. This is useful for small icons, logos, and decorative images where eliminating an HTTP request outweighs the 33% size increase.
API authentication. HTTP Basic Authentication encodes the username:password string in Base64 and includes it in the Authorization header. The format is Authorization: Basic [base64-encoded-credentials]. While this is not encryption (Base64 is trivially reversible), it ensures the credentials are transmitted using only safe ASCII characters. Always use HTTPS with Basic Authentication to protect the credentials in transit.
JSON Web Tokens. JWTs consist of three Base64URL-encoded segments: header, payload, and signature. Decoding the header and payload reveals the token’s claims and metadata. Use our JWT Decoder for a dedicated JWT analysis tool.
Certificates and keys. PEM-formatted SSL certificates, SSH keys, and encryption keys use Base64 encoding to represent binary cryptographic data as text. The familiar BEGIN CERTIFICATE / END CERTIFICATE format wraps Base64-encoded binary data.
Configuration embedding. Kubernetes secrets, cloud provider configurations, and CI/CD pipeline variables often store sensitive values as Base64-encoded strings. This is not for security (Base64 is not encryption) but for safe handling of binary data and special characters in text-based configuration systems.
Base64 vs Base64URL
The standard Base64 alphabet includes + and /, which have special meanings in URLs and filenames. Base64URL solves this by replacing these characters:
+becomes-(hyphen)/becomes_(underscore)- Padding
=is typically omitted
Base64URL is used in JWTs, URL query parameters, filename-safe encoding, and any context where the encoded string appears in a URL. If you are encoding data that will be placed in a URL, use Base64URL to avoid breaking the URL structure.
This tool supports both variants. Select the appropriate mode based on where the encoded output will be used.
Base64 Is Not Encryption
This is worth emphasizing because it is a common misconception. Base64 encoding is a reversible transformation, not a security measure. Anyone who has access to a Base64-encoded string can decode it instantly. There is no key, no password, and no secret involved in the process.
Do not use Base64 to hide passwords, API keys, personal data, or any sensitive information. If you need to protect data, use proper encryption (AES, RSA) or hashing (SHA-256). Base64 is a transport encoding, not a security mechanism. For generating actual cryptographic hashes, use our Hash Generator.
Kubernetes secrets are a good example of this misunderstanding. Kubernetes stores secret values as Base64-encoded strings, which leads some developers to believe the values are protected. They are not. Anyone with access to the Kubernetes API can decode the Base64 strings instantly. Actual secret management requires additional layers like encryption at rest, RBAC, and external secret managers.
Encoding and Decoding UTF-8 Text
When encoding text (as opposed to binary data) to Base64, the text must first be converted to bytes using a character encoding. UTF-8 is the standard encoding for web content and the one this tool uses by default.
Standard ASCII characters (English letters, numbers, basic punctuation) each use one byte in UTF-8, so encoding them to Base64 is straightforward. Non-ASCII characters, including accented letters, emoji, and characters from non-Latin scripts, use multiple bytes in UTF-8. This means the Base64 output for non-ASCII text will be proportionally longer.
For example, the text "cafe" encodes to Y2FmZQ== (8 characters for 4 input bytes). But "Hello" in Chinese characters uses more bytes per character in UTF-8, producing a longer Base64 string per visible character.
When decoding Base64, the tool converts the decoded bytes back to a UTF-8 string. If the original data was not UTF-8 text (for example, it was a binary file like an image), the decoded output will appear as garbled characters because binary data is not valid text.
Common Base64 Operations in Development
Encoding a string in JavaScript: In browser JavaScript, use btoa() for encoding and atob() for decoding ASCII strings. For UTF-8 support, you need to handle the encoding explicitly using TextEncoder and TextDecoder or a polyfill. Node.js uses Buffer.from(string).toString('base64') for encoding and Buffer.from(base64String, 'base64').toString() for decoding.
Encoding in Python: The base64 module provides b64encode() and b64decode() functions. Import base64, encode with base64.b64encode(text.encode('utf-8')).decode('ascii'), and decode with base64.b64decode(encoded_string).decode('utf-8').
Command line: On Linux and macOS, use echo -n "text" | base64 to encode and echo "encoded" | base64 --decode to decode. The -n flag on echo prevents a trailing newline from being included in the encoding.
This browser-based tool is convenient when you need a quick encode or decode without switching to a terminal or writing code. It is especially useful for decoding strings from log files, API responses, or configuration files where you need to quickly inspect the contents.
For related encoding operations, see our URL Encoder/Decoder for URL-safe encoding and our JSON Formatter for working with JSON payloads.
Frequently Asked Questions
What is Base64 encoding?
Base64 is a binary-to-text encoding that represents data using 64 printable ASCII characters (A-Z, a-z, 0-9, +, /). It converts binary data into a text-safe format for transmission through text-based systems like email and HTTP.
Why is Base64 output larger than the input?
Base64 encodes three bytes of input into four characters of output, resulting in approximately 33% size increase. This overhead is the cost of representing binary data using only printable text characters.
Is Base64 encoding secure?
No. Base64 is a reversible encoding, not encryption. Anyone can decode a Base64 string without any key or password. Never use Base64 to protect sensitive data. Use proper encryption or hashing instead.
What is the difference between Base64 and Base64URL?
Base64URL replaces + with – and / with _ to make encoded strings safe for URLs and filenames. Padding characters (=) are typically omitted. Use Base64URL when the encoded string will appear in a URL.
Can I encode images to Base64?
Yes. Images can be encoded to Base64 for use as data URIs in HTML and CSS. This eliminates separate HTTP requests but increases the data size by 33%. It is most beneficial for small images like icons.
How do I decode Base64 in the command line?
On Linux or macOS, use the command: echo "encoded-string" | base64 –decode. On Windows PowerShell, use [System.Convert]::FromBase64String() or install a base64 utility.
What does the = padding mean in Base64?
The = padding characters ensure the Base64 output length is a multiple of 4. One = means two padding bits were added. Two == means four padding bits were added. Padding is required by the standard but optional in Base64URL.
Can Base64 handle any file type?
Yes. Base64 can encode any binary data regardless of file type, including images, PDFs, audio, video, and executables. The encoding treats all input as raw bytes.
Data accurate as of: March 2026