A Base64 encoder and decoder is a free online developer tool that instantly converts plain text or binary data into Base64-encoded strings — and decodes Base64 strings back into their original plain text — directly in your browser, with no installation, no account, and no server transmission required.
Base64 is built into the authentication systems of virtually every web application, embedded in millions of email attachments sent every day, used to embed images directly into HTML and CSS files, encoded into JSON Web Tokens that power modern API security, and embedded in data URIs, SSL certificates, and cryptographic keys across the entire internet.
Base64 is a binary-to-text encoding scheme that represents binary data using only 64 printable ASCII characters:
Base64 was created to solve a fundamental compatibility problem: binary data cannot safely pass through systems designed to handle only text. The original internet protocols — email (SMTP), HTTP — were designed for 7-bit ASCII text. Base64 solves this by encoding any binary data using only the 64 printable ASCII characters that are safe to transmit through every text-based system.
Example — encoding "Hi": H = ASCII 72 = binary 01001000, i = ASCII 105 = binary 01101001. Combined and regrouped into 6-bit chunks → decimal values 18, 6, 36 → Base64 characters S, G, k, = → Result: SGk=
Standard Base64 uses + and / as its 62nd and 63rd characters. These have special meanings in URLs — + means space in URL encoding, and / is a path separator. Base64URL solves this by replacing:
+ with - (hyphen)/ with _ (underscore)= is often omitted entirely| Feature | Standard Base64 | Base64URL |
|---|---|---|
| Characters 62–63 | + and / | - and _ |
| Padding | = included | Often omitted |
| Safe in URLs | ❌ No | ✅ Yes |
| Safe in filenames | ❌ No | ✅ Yes |
| Used in | Email, general encoding | JWT, OAuth, URL parameters |
HTTP Basic Authentication encodes credentials as username:password in Base64 and sends them in the Authorization header: Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=. Decoding reveals username:password.
JWTs consist of three Base64URL-encoded segments separated by dots. Decoding the header reveals the algorithm. Decoding the payload reveals the claims — user ID, name, expiration time, roles, and custom data. A Base64 decoder is an essential tool for JWT debugging.
The MIME standard uses Base64 to encode binary files — PDFs, images, Word documents — for safe transmission through email servers designed for text. Every email attachment you have ever sent or received has been Base64-encoded and decoded transparently by your email client.
Base64-encoded images can be embedded directly into HTML and CSS files as data URIs — eliminating the need for a separate HTTP request for each image: <img src="data:image/png;base64,iVBORw0...">
SSL certificates are commonly stored in PEM format — which is Base64-encoded DER data wrapped in -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- header lines.
Kubernetes secrets and Docker secrets store sensitive configuration values as Base64-encoded strings. A Base64 encoder converts plain-text secrets to the encoded format required by these systems.
Base64 encoding increases data size by approximately 33%. The exact formula: Encoded size = ⌈Original size ÷ 3⌉ × 4.
| Original Size | Base64 Size | Overhead |
|---|---|---|
| 3 bytes | 4 characters | 33.3% |
| 100 bytes | 136 characters | 36% |
| 1 KB | ~1.37 KB | 37% |
| 1 MB | ~1.37 MB | 37% |
| 10 MB | ~13.7 MB | 37% |
⚠️ Critical: Base64 is NOT encryption. Base64 is NOT security. Base64 is NOT obfuscation. Anyone who sees a Base64 string can decode it instantly — without any key or password. It is simply a different representation of the same data. If you need to protect data, use genuine encryption (AES, RSA, TLS).
Yes. This online Base64 tool is 100% free with no registration, no subscription, and no payment required. Encode and decode as many times as you need.
No. A privacy-respecting Base64 encoder and decoder processes all input entirely within your browser using local JavaScript. Your data — including any sensitive API keys, tokens, or credentials — is never transmitted to any server, stored, or logged.
No — absolutely not. Base64 is a reversible encoding scheme that anyone can decode without any key or password. It provides zero security or confidentiality. Never use Base64 alone for security purposes.
The = characters are padding. Base64 encodes 3 bytes of input into 4 characters of output. When the input length is not divisible by 3, padding characters are added to make the output length a multiple of 4. One = means one byte of padding was added; == means two bytes of padding.
A JWT consists of three Base64URL-encoded segments separated by dots. Copy the first segment (header) or second segment (payload) and paste it into a Base64URL decoder. The decoded output is a JSON object — the header contains the algorithm, the payload contains the claims. Note that the third segment (signature) is a cryptographic hash and decodes to binary data, not readable text.
Yes. Images can be Base64-encoded and embedded directly in HTML as data URIs. This eliminates separate HTTP requests for small images. However, Base64-encoded images are approximately 37% larger than the original binary file, so this technique is best suited for small images like icons and logos.
Non-ASCII text must first be encoded as bytes using UTF-8. The UTF-8 bytes are then Base64-encoded. When decoding, the Base64 is decoded to bytes first, then those bytes are interpreted as UTF-8 to recover the original text. Most modern Base64 tools handle this automatically.
On Linux and macOS: echo -n 'text' | base64 to encode and echo 'base64string' | base64 --decode to decode. On Windows PowerShell: [Convert]::ToBase64String([Text.Encoding]::UTF8.GetBytes('text')) to encode.
Use our free Free Online Base64 Encoder / Decoder — no signup, no download, works instantly on any device.
Open Free Online Base64 Encoder / Decoder — Free →