Base64 Encoder / Decoder

Encode text to Base64 or decode it back.

Encode and decode Base64 online, instantly

Base64 turns up all over modern software, yet it is rarely explained clearly. This free Base64 encoder and decoder converts plain text into Base64 and back again as you type, with full Unicode support and one-click copying. Everything runs in your browser, so even sensitive values like API tokens never leave your device. Whether you are debugging a request, building a data URI or just curious what a Base64 string contains, this tool gives you the answer immediately.

The problem Base64 solves

Computers store everything — images, documents, text — as binary data, meaning raw bytes. But many systems were built to handle only plain, printable text, and specifically a limited set of safe characters. Email, URLs and JSON can all choke on raw binary bytes. Base64 bridges that gap by representing any binary data using just 64 characters that every text system understands: the letters A–Z and a–z, the digits 0–9, plus the symbols "+" and "/". The result is text that can travel safely anywhere plain text can go.

How it works

Base64 processes data three bytes at a time. Those 24 bits are re-sliced into four groups of six bits, and each six-bit group maps to one of the 64 safe characters. When the data does not divide evenly into groups of three, one or two "=" characters are added as padding. There is one trade-off worth knowing: the encoded output is about 33% larger than the original, because four characters are used to represent every three bytes. That size increase is the price of universal compatibility.

The most important point: encoding is not encryption

Because Base64 looks like scrambled gibberish, people sometimes assume it hides information. It does not. There is no key and no secret involved — anyone can decode a Base64 string in seconds using a tool exactly like this one. Never rely on Base64 to protect passwords, tokens or personal data. If you need genuine confidentiality, you need real encryption such as AES. The right way to think about Base64 is as a method to transport data safely, not to secure it.

Where you will meet Base64

  • Data URIs — small images embedded directly in HTML or CSS, avoiding a separate network request.
  • Email attachments — the MIME standard uses Base64 to send files through a text-based system.
  • HTTP Basic authentication — credentials are Base64-encoded in the request header, which is exactly why that header must always be sent over HTTPS.
  • JSON Web Tokens (JWTs) — their segments are Base64-encoded.
  • APIs — binary payloads are often Base64-encoded so they fit neatly inside JSON.

How to use the tool

Choose Encode to turn plain text into Base64, or Decode to turn Base64 back into readable text. The result updates live as you type — there is no button to press. If you decode a string that is not valid Base64, you will see a clear error explaining the likely cause, such as missing padding or stray characters. The handy Swap action moves the output into the input and reverses direction, so you can round-trip a value in a single click to confirm it encodes and decodes cleanly.

Full Unicode support

A common weakness in simple Base64 tools is mangling non-English text. This one first converts your input to UTF-8 bytes before encoding, which means emoji and every writing system — from Urdu and Arabic to Chinese and Cyrillic — survive the round trip intact. Encode a message, decode it back, and you will get exactly what you started with, character for character.

Standard Base64 and the URL-safe variant

There is a subtle detail worth knowing when you work with Base64 in web contexts. Standard Base64 uses the characters + and / in its alphabet, along with = for padding. That is fine in most places, but those three characters all carry special meaning inside URLs, where + can mean a space, / is a path separator, and = separates query parameters. To avoid mangling, a URL-safe Base64 variant exists that swaps + for - and / for _, and often drops the padding altogether. This is the variant used inside JSON Web Tokens, for example, which is why a JWT looks like Base64 but never contains a slash or a plus sign. When you decode a token or a URL parameter that will not resolve with a standard decoder, a URL-safe encoding is often the reason. Understanding the two flavours helps you reason about where a given encoded string came from and why it uses the characters it does — a small piece of knowledge that saves a surprising amount of debugging time.

Frequently asked questions

What is Base64 encoding?

Base64 represents binary data using 64 safe ASCII characters. It lets binary content travel through systems that only handle text, such as email, JSON and data URIs.

Does it support emoji and non-English text?

Yes. Text is converted to UTF-8 before encoding, so emoji, Arabic, Urdu, Chinese and every other Unicode character encode and decode correctly.

Is Base64 the same as encryption?

No. Base64 is an encoding, not encryption. Anyone can decode it instantly, so never use it on its own to protect passwords or sensitive data.

Why won't my Base64 decode?

Usually because of missing padding, whitespace or line breaks inside the string, or characters outside the Base64 alphabet. The tool flags invalid input with an error.