Encode plain text or binary data to Base64 and decode Base64 strings back to readable text. Everything runs in your browser — your data is never transmitted to any server or stored anywhere.
Base64 is a binary-to-text encoding scheme that represents binary data using only 64 printable ASCII characters: the uppercase letters A–Z, lowercase letters a–z, digits 0–9, plus (+), and forward slash (/). The name comes directly from the 64-character alphabet used. A 65th character, the equals sign (=), is used for padding at the end of encoded data when the input length is not a multiple of 3 bytes.
Base64 was standardised in RFC 2045 as part of the MIME specification for email attachments and has since become one of the most ubiquitous encoding schemes in computing. It solves a specific problem: many systems — email servers, HTTP headers, XML documents, HTML attributes — are designed to handle text and may corrupt or truncate binary data that contains control characters, null bytes, or bytes above 127. Base64 converts binary data into a safe text representation that can pass through any text-based system without corruption.
Base64 processes input in groups of 3 bytes (24 bits) at a time. Each group of 24 bits is split into four 6-bit values. Each 6-bit value (which can represent 0–63) is mapped to a character in the Base64 alphabet. This means every 3 bytes of input becomes exactly 4 characters of Base64 output, producing an approximately 33% size increase. If the input length is not divisible by 3, one or two padding characters (=) are added to the end to make the output length a multiple of 4.
For example, the three bytes representing "Man" (ASCII 77, 97, 110) in binary are 01001101 01100001 01101110. Split into four 6-bit groups: 010011 010110 000101 101110. These map to the Base64 characters T, W, F, u — so "Man" encodes to "TWFu". This deterministic mapping means the same input always produces the same output, making Base64 an encoding rather than an encryption.
Base64 is used pervasively across web development. Data URIs embed images, fonts, and other binary files directly into HTML or CSS without a separate HTTP request, using the format data:image/png;base64,iVBORw0KGgo.... HTTP Basic Authentication encodes username and password as Base64 in the Authorization header. JWT (JSON Web Tokens) use Base64URL encoding (a variant that replaces + and / with - and _ to make tokens URL-safe) for their header and payload sections. Email attachments are Base64-encoded by MIME. API responses sometimes return binary file content as Base64 to keep the response in pure JSON format.
Standard Base64 uses + and / characters, which have special meanings in URLs. Base64URL is a variant that substitutes - for + and _ for /, making the encoded string safe to include in URLs and filenames without percent-encoding. JWTs use Base64URL without padding (no = characters). This tool implements standard Base64. If you need to decode a JWT payload, replace - with + and _ with / before pasting, or use a dedicated JWT decoder.
No. Base64 is an encoding, not an encryption. It provides no security whatsoever — any Base64 string can be decoded by anyone instantly using any Base64 decoder. Do not use Base64 to hide sensitive data. If you see Base64 in a security context, it is only being used as a transport encoding, with actual security provided by the underlying protocol (HTTPS, for example) or a separate encryption layer applied before Base64 encoding.
Encode and decode Base64 programmatically via the Toolpad REST API:
POST https://api.toolpad.in/api/v1/datatools/encode/base64 — body: {"input":"your text"}
POST https://api.toolpad.in/api/v1/datatools/decode/base64 — body: {"input":"base64 string"}