Base64 Encoder / Decoder
Encode text to Base64 or decode Base64 back to text. Full UTF-8 support — emojis, accented characters, and non-Latin scripts all work correctly. Runs entirely in your browser, so it's safe for auth headers, API tokens, and other sensitive data.
Quick answer
Base64 encodes 3 bytes of binary into 4 ASCII characters from the set A–Z, a–z, 0–9, +, /. Padding with = to a multiple of 4 is required. Uses native btoa and atob with UTF-8 normalization.
Base64 Encoder / Decoder
How Base64 encoding works
Base64 takes 3 bytes (24 bits) of binary input and represents them as 4 characters (6 bits
each) from a 64-character alphabet: uppercase A–Z, lowercase a–z, digits 0–9, plus
+ and /. When the input length isn't a multiple of 3, the output
is padded with one or two = characters so the final length is always a
multiple of 4.
There are several variants: standard Base64 (used here), URL-safe Base64 (replaces
+ and / with - and _ so the output
can appear in a URL without escaping), and MIME Base64 (standard, but with line breaks
every 76 characters). This tool produces standard Base64, which is accepted by all major
decoders.
Browser btoa only accepts Latin-1 characters, which breaks on any string
containing emojis, Chinese, Japanese, or even accented European characters. This tool
uses the btoa(unescape(encodeURIComponent(text))) idiom, which first
UTF-8-encodes the string, then Base64-encodes the resulting byte sequence. Decoding uses
the inverse: decodeURIComponent(escape(atob(b64))).
When to use it
Base64 shows up any time you need to transport binary data through a text-only channel:
email attachments (MIME), embedded images in HTML (data:image/png;base64,...),
HTTP Basic Auth headers (Authorization: Basic base64(user:pass)), JWT tokens
(header and payload are Base64-URL encoded), and binary fields inside JSON APIs.
It's also useful for obfuscating (not protecting) data that needs to survive a copy-paste through chat apps, forms, or command lines without getting mangled by special characters. But remember — it's encoding, not encryption. Treat Base64-encoded secrets as plain text.
Common mistakes
- Confusing Base64 with encryption. It's a reversible encoding. Anyone can decode it in milliseconds. Never use Base64 to "protect" a password or API key.
- Using raw btoa on UTF-8 strings. Node.js and browsers both bork on non-Latin-1 characters. This tool handles UTF-8 correctly.
- Forgetting padding. Many decoders require the trailing
=characters. If you strip them, re-add them (the count is4 − (len % 4), or zero if len % 4 is 0). - Mixing URL-safe and standard variants. If your input has
-and_, it's URL-safe Base64 and may fail on a standard decoder. Replace them with+and/first.
Frequently asked questions
What is Base64 encoding?
A binary-to-text encoding that represents binary data using 64 printable ASCII characters. Used for safe transport through text-only systems.
Is Base64 encryption?
No. It's encoding, not encryption. Anyone can decode Base64 in seconds — it provides zero security.
Why does Base64 make data larger?
3 bytes of binary become 4 characters of Base64 — a 33% size increase. Padding adds up to 2 more characters.
Does this tool handle Unicode?
Yes. The browser's raw btoa only handles Latin-1. This tool UTF-8-encodes first so emojis and non-Latin scripts work correctly.