Related Tools
How to Use
- 1Enter your plain text or Base64 string in the input area.
- 2Click Encode to convert plain text into a Base64-encoded string. The output uses the standard Base64 alphabet (A-Z, a-z, 0-9, +, /) with padding (=).
- 3Click Decode to convert a Base64 string back to its original plain text. The tool handles standard and URL-safe Base64 variants.
- 4Review the output and click Copy to save the result to your clipboard, ready to paste into your code, API request, or configuration file.
About Base64 Encode/Decode
The Base64 Encoder/Decoder converts between plain text and Base64 encoding instantly. Base64 is a binary-to-text encoding scheme defined in RFC 4648 that represents data using 64 ASCII characters (A-Z, a-z, 0-9, +, /), making it safe for transport through text-only channels like email (MIME), URLs, JSON payloads, and XML documents that cannot handle raw binary data.
Developers encounter Base64 encoding constantly in everyday work. HTTP Basic Authentication headers encode credentials as Base64 (the 'Authorization: Basic dXNlcjpwYXNz' header is literally 'user:pass' Base64-encoded). Data URIs embed images directly in HTML and CSS using Base64 strings. JWT tokens contain Base64url-encoded header and payload sections. API webhooks frequently include Base64-encoded binary data in JSON fields. Understanding and quickly converting Base64 is a fundamental developer skill.
This tool handles Unicode text correctly by first encoding it as UTF-8 before applying Base64 conversion. This is important because Base64 operates on bytes, not characters, and many characters outside the ASCII range (accented letters like e with accent, emoji, CJK characters, Cyrillic, Arabic) require multi-byte UTF-8 sequences. Without proper UTF-8 handling, round-trip encode/decode operations would corrupt non-ASCII text. This tool preserves all Unicode characters correctly through the full encode/decode cycle.
A common source of confusion is the difference between encoding and encryption. Base64 is encoding — a reversible transformation that makes data text-safe. It provides zero security. Anyone can decode a Base64 string instantly, with no key or password needed. If you see a Base64-encoded API key or password in a configuration file, that data is not protected in any way. Base64 is designed for format compatibility, not confidentiality. For actual security, use proper encryption (AES, RSA) or hashing (SHA-256).
Base64 encoding increases data size by approximately 33%. Every 3 bytes of input produce 4 bytes of Base64 output (3 bytes = 24 bits, represented by 4 six-bit groups, each mapped to one ASCII character). This overhead is the cost of text-safe representation. For small payloads like authentication tokens and API keys, the overhead is negligible. For large binary files like images, the size increase matters — which is why data URIs with large Base64-encoded images can significantly increase HTML file size and should be used sparingly.
All encoding and decoding happens locally in your browser using JavaScript's built-in btoa()/atob() functions (with UTF-8 wrappers for Unicode support). No data is transmitted to any server. This is especially important when decoding sensitive content — JWT tokens, API keys, authorization headers, and encrypted payloads should never be pasted into third-party web services that send your data to their servers.
Frequently Asked Questions
What is Base64 encoding?
Base64 is a binary-to-text encoding scheme defined in RFC 4648 that converts arbitrary binary data into a string using 64 printable ASCII characters (A-Z, a-z, 0-9, +, /). It is used to embed binary data in text-only formats like JSON, XML, email (MIME), URLs, and HTTP headers. It is not encryption — anyone can decode Base64 without a key.
Does it support Unicode and non-English characters?
Yes. The tool encodes text as UTF-8 before applying Base64 conversion, which means accented characters, emoji, CJK characters, Cyrillic, Arabic, and all other Unicode text is correctly preserved through encode and decode operations. This is essential for internationalized content.
Is Base64 the same as encryption?
No. Base64 is encoding, not encryption. It is a fully reversible, public transformation — anyone can decode a Base64 string instantly without any key, password, or secret. Base64 is designed to make binary data safe for text-based transport, not to protect sensitive information. For security, use proper encryption algorithms like AES or RSA.
Why is my Base64 output longer than the input?
Base64 encoding increases data size by approximately 33% because it represents every 3 bytes of input as 4 ASCII characters. This overhead is inherent to the encoding scheme and is the trade-off for making binary data text-safe. For example, a 100-byte input produces roughly 136 characters of Base64 output (plus potential padding characters).
Is my data sent to a server?
No. All encoding and decoding runs locally in your browser using native JavaScript functions. Your text never leaves your device — making this safe for decoding JWT tokens, API keys, authorization headers, and any other sensitive data that should not be exposed to third-party services.
What is the difference between standard Base64 and URL-safe Base64?
Standard Base64 uses + and / characters, which have special meaning in URLs (+ means space, / is a path separator). URL-safe Base64 (Base64url) replaces + with - and / with _, making it safe for use in URLs, query parameters, and filenames. JWT tokens use Base64url encoding for this reason.
When should I use Base64 encoding?
Common use cases include: embedding small images in HTML/CSS as data URIs, encoding credentials for HTTP Basic Authentication headers, passing binary data in JSON API payloads, encoding email attachments via MIME, and encoding data for URL query parameters. Avoid Base64 for large files where the 33% size overhead matters — direct binary transfer is more efficient when the transport supports it.
Can I use this to decode JWT tokens?
You can decode the individual parts of a JWT (header and payload are Base64url-encoded JSON strings), but for a better experience with JWTs specifically, use a dedicated JWT decoder that parses all three parts (header, payload, signature) and displays the claims in a structured format.