Free Online Base64 Encoder & Decoder

Encode text to Base64 or decode Base64 strings back to plain text — instantly and with zero hassle. Supports UTF-8, ASCII, and URL-safe Base64 variants. Perfect for developers working with data URIs, JWT tokens, API authentication, and email MIME encoding. Everything runs in your browser — your data stays private.

🔒 100% Private ⚡ Browser-Based 🎯 No Signup 💰 100% Free

What is Base64 Encoding?

Base64 is a binary-to-text encoding scheme that represents binary data using a set of 64 printable ASCII characters. Defined in RFC 4648, the standard Base64 alphabet consists of uppercase letters (A–Z), lowercase letters (a–z), digits (0–9), and two special characters (+ and /), with = used as a padding character.

The encoding process works by taking every 3 bytes (24 bits) of input data and splitting them into four 6-bit groups. Each 6-bit group maps to one of the 64 characters in the Base64 alphabet. If the input length isn't a multiple of 3, padding characters (=) are appended to the output to ensure proper alignment. This process results in an output that is approximately 33% larger than the original data — the unavoidable tradeoff for universal text compatibility.

Base64 encoding was originally developed to solve a practical problem: many data transport systems — including email (SMTP), XML, JSON, HTML, and URL query strings — were designed to handle text, not raw binary data. Characters like null bytes, control codes, and high-byte values could corrupt data in transit. Base64 converts any binary sequence into safe, printable ASCII text that survives any text-based transport without modification.

It's critical to understand that Base64 is not encryption. It provides no security whatsoever — any Base64 string can be decoded back to the original data without any key or password. Base64 is purely a data representation format, not a security mechanism.

How to Encode or Decode Base64 Online

Our Base64 encoder makes converting between text and Base64 effortless. Here's how:

Choose Your Mode: Select Encode to convert plain text to Base64, or Decode to convert a Base64 string back to readable text.
Enter Your Input: Type or paste your content into the input text area. For encoding, enter any plain text (including Unicode characters, emoji, and special symbols). For decoding, paste a valid Base64 string.
Select Encoding Options: Choose the character encoding — UTF-8 (default, handles all Unicode) or ASCII (7-bit, English characters only). Optionally enable URL-safe Base64 mode, which uses - and _ instead of + and /.
View Results Instantly: The output updates in real time as you type. No need to click a convert button — results appear immediately in the output area.
Copy the Output: Click the Copy button to copy the encoded or decoded result to your clipboard. Use it in your code, API calls, configuration files, or data URIs.

Base64 vs Other Encoding Methods

Base64 is one of several encoding schemes used in software development. Here's how it compares to other common methods:

Encoding	Character Set	Size Overhead	Primary Use Case
Base64	A-Z, a-z, 0-9, +, /	~33%	Email attachments, data URIs, JWT, API payloads
Base32	A-Z, 2-7	~60%	TOTP codes, case-insensitive systems, DNS
Hex (Base16)	0-9, A-F	~100%	Hash digests, MAC addresses, color codes, debugging
URL Encoding	%XX escape sequences	Variable (up to 200%)	URL query strings, form submissions
ASCII85	33–117 ASCII range	~25%	PDF internals, PostScript, Adobe formats

Base64 strikes the best balance of compact size, universal support, and simplicity for most web and application development needs. It is by far the most widely used binary-to-text encoding in modern software.

Common Base64 Use Cases

Data URIs in HTML & CSS

Data URIs allow you to embed small files (images, fonts, icons) directly in your HTML or CSS using Base64 encoding, eliminating the need for additional HTTP requests. For example: data:image/png;base64,iVBORw0KGgo.... This is particularly useful for small icons, SVGs, and critical above-the-fold images to improve initial page load performance.

Email MIME Encoding

Email protocols (SMTP) were designed for 7-bit ASCII text and cannot natively transport binary attachments. MIME (Multipurpose Internet Mail Extensions) uses Base64 to encode file attachments — images, PDFs, documents — as text that can be safely transmitted through email infrastructure and decoded by the recipient's email client.

JWT Tokens

JSON Web Tokens (JWT) use Base64url encoding (URL-safe Base64) for both the header and payload sections. A JWT looks like xxxxx.yyyyy.zzzzz, where each section is a Base64url-encoded JSON object. Understanding Base64 is essential for debugging JWT tokens and inspecting their claims without a dedicated JWT decoder.

HTTP Basic Authentication

HTTP Basic Auth encodes the username:password pair in Base64 and sends it in the Authorization header as Basic dXNlcjpwYXNz. While simple to implement, remember that Base64 is not encryption — Basic Auth should only be used over HTTPS to prevent credential interception.

URL-Safe Base64 Explained

Standard Base64 uses + and / characters, which have special meanings in URLs (+ represents a space in query strings, / is a path separator). URL-safe Base64 (defined in RFC 4648, Section 5) solves this by replacing + with - (hyphen) and / with _ (underscore). Padding characters (=) are typically omitted since the decoder can infer padding from the string length.

URL-safe Base64 is used extensively in:

JWT tokens — header and payload are Base64url-encoded
OAuth 2.0 — code challenges (PKCE) and state parameters
Web-safe file names — when binary identifiers need to be URL/filename compatible
Google APIs — many Google services use Base64url for API parameters

Tips for Working with Base64

Don't use Base64 for large files: The 33% size overhead adds up quickly. A 1 MB image becomes ~1.33 MB in Base64. For large files, use direct binary transfer or multipart form uploads instead.
Always use UTF-8 for Unicode text: JavaScript's native btoa() function only handles Latin-1 characters. For Unicode text (emoji, CJK, accented characters), you must first encode to UTF-8 bytes using TextEncoder before Base64 encoding. Our tool handles this automatically.
Use URL-safe Base64 for web contexts: Whenever your Base64 output will appear in a URL, filename, or HTTP header, use the URL-safe variant to avoid encoding issues and the need for additional percent-encoding.
Strip whitespace before decoding: Some systems insert line breaks every 76 characters (per the MIME standard). Remove all whitespace from a Base64 string before decoding to avoid errors.
Validate before decoding: Invalid Base64 (wrong characters, incorrect padding) will produce garbage output or throw errors. Check that the input contains only valid Base64 characters and has proper length (divisible by 4, after padding).
Never rely on Base64 for security: Base64 is encoding, not encryption. It provides zero confidentiality. Anyone can decode a Base64 string instantly. If you need to protect data, use AES encryption, then optionally Base64-encode the ciphertext for transport.

Frequently Asked Questions

What is Base64 encoding?

Base64 is a binary-to-text encoding scheme that represents binary data using 64 printable ASCII characters (A–Z, a–z, 0–9, +, /). It converts every 3 bytes of input into 4 ASCII characters, making binary data safe to transmit through text-based systems like email, JSON, XML, and URLs that may corrupt raw binary data. It is defined in RFC 4648.

Why does Base64 increase data size?

Base64 encodes 3 bytes (24 bits) of binary data into 4 ASCII characters (each representing 6 bits), resulting in approximately 33% size overhead. This is the inherent tradeoff of representing binary data in a text-safe format. The 33% increase is consistent regardless of the input content — text, images, or any other data.

What is URL-safe Base64?

URL-safe Base64 (Base64url, RFC 4648 Section 5) replaces the + character with - and / with _, and omits padding (=). This variant is safe to use in URLs, query parameters, filenames, and HTTP headers without additional percent-encoding. It's the standard encoding for JWT tokens, OAuth PKCE, and many web APIs.

Is Base64 encryption?

No, absolutely not. Base64 is an encoding scheme, not encryption. It is fully reversible without any key, password, or secret. Anyone can decode a Base64 string back to the original data using any Base64 decoder. Base64 provides zero confidentiality or security. For protecting data, use proper encryption algorithms like AES-256-GCM or RSA.

Where is Base64 used in web development?

Base64 is ubiquitous in web development: data URIs for embedding images/fonts in HTML/CSS, email MIME encoding for attachments, JWT tokens for header and payload encoding, HTTP Basic Authentication for credential encoding, API payloads for transmitting binary data in JSON, and WebSocket messages for binary frame encoding.

Can I encode files to Base64?

Our tool is optimized for text-to-Base64 and Base64-to-text conversions. For encoding binary files (images, PDFs), you can use JavaScript's FileReader.readAsDataURL() method, the command-line base64 utility on Linux/macOS, or [Convert]::ToBase64String() in PowerShell. Note that the 33% size overhead makes Base64 impractical for large files.

Is my data safe when using this tool?

Yes, completely. All encoding and decoding happens entirely in your browser using JavaScript's built-in btoa()/atob() functions with proper UTF-8 handling via TextEncoder/TextDecoder. Your data is never transmitted to any server, never logged, and never stored anywhere. The tool works fully offline once loaded.