Base64 Encoder & Decoder
Encode and decode Base64 instantly. URL-safe variant supported.
What Is Base64?
Base64 is an encoding scheme that converts binary data into a text representation using 64 printable ASCII characters. It was originally designed for email (MIME) to safely transmit binary attachments through text-only systems.
The name "Base64" refers to the 64-character alphabet: A-Z (26), a-z (26), 0-9 (10), +, and /, with = used for padding.
Common Use Cases
- Email attachments (MIME): SMTP only supports 7-bit ASCII. Base64 encodes binary attachments for safe transport.
- Data URIs: Embed images directly in HTML/CSS:
data:image/png;base64,iVBOR... - JSON Web Tokens (JWTs): JWT headers and payloads are URL-safe Base64 encoded JSON objects.
- API payloads: Embedding binary data (files, images) in JSON requests.
- HTTP Basic Auth: Credentials are Base64-encoded in the
Authorizationheader (but this is NOT secure without HTTPS).
Base64 Is NOT Encryption
This is the most common misconception about Base64. Base64 is a reversible encoding — anyone can decode it instantly. It provides absolutely no security or confidentiality.
Never use Base64 to:
- Hide passwords or API keys
- "Encrypt" sensitive data
- Obscure secrets in configuration files
If you need security, use proper encryption (AES-256-GCM) or hashing (SHA-256 for integrity, bcrypt for passwords).
Standard vs URL-Safe Base64
| Property | Standard (RFC 4648 §4) | URL-Safe (RFC 4648 §5) |
|---|---|---|
| Character 62 | + | - |
| Character 63 | / | _ |
| Padding | = (required) | = (often omitted) |
| Use case | Email, general encoding | URLs, filenames, JWTs |
URL-safe Base64 replaces characters that have special meaning in URLs (+ is a space, / is a path separator), making it safe for query parameters and file names.
Frequently Asked Questions
What is Base64 encoding?
Base64 is a binary-to-text encoding scheme that represents binary data using 64 ASCII characters (A-Z, a-z, 0-9, +, /). It is commonly used to transmit binary data over text-based protocols like email (MIME), HTTP headers, and JSON. Base64 increases data size by approximately 33%.
Is Base64 encryption?
What is URL-safe Base64?
Standard Base64 uses + and / which have special meaning in URLs. URL-safe Base64 replaces them with - and _, and optionally removes padding (=). This variant is used in JWTs, URL parameters, and filename-safe contexts. It is defined in RFC 4648 Section 5.
Why does Base64 make data 33% larger?
Base64 encodes every 3 bytes (24 bits) of input into 4 characters (6 bits each). So the output is always 4/3 the size of the input, plus optional padding. For example, a 30 KB image becomes ~40 KB when Base64-encoded. This trade-off is acceptable for small payloads but inefficient for large files.
Where is Base64 commonly used?
Common use cases include: Email attachments (MIME encoding), data URIs in HTML/CSS (data:image/png;base64,...), JWTs (JSON Web Tokens use URL-safe Base64), API payloads (embedding binary data in JSON), and basic HTTP authentication headers.