Base64 Encoder & Decoder

Format	MIME Type	Prefix string
PNG Image	image/png	data:image/png;base64,
JPEG Image	image/jpeg	data:image/jpeg;base64,
GIF Image	image/gif	data:image/gif;base64,
SVG Image	image/svg+xml	data:image/svg+xml;base64,
WebP Image	image/webp	data:image/webp;base64,
PDF Document	application/pdf	data:application/pdf;base64,
Plain Text	text/plain	data:text/plain;base64,
JSON	application/json	data:application/json;base64,
HTML	text/html	data:text/html;base64,
CSS	text/css	data:text/css;base64,

1

Choose Your Mode

Select Text Mode for strings, File Mode for binary files, or Reference for the alphabet table and code examples.

2

Enter or Drop Your Data

Type or paste text (the tool auto-detects Base64 or plain text) or drag-and-drop files in File Mode.

3

Copy, Download, or Restore

Copy the result to clipboard, download it as a file, or restore a past operation from the History panel.

Encoding Size Overhead

output_chars = ceil(input_bytes / 3) × 4

Base64 encodes every 3 input bytes as 4 output characters, producing roughly 33% overhead. A 1 MB file becomes approximately 1.33 MB when Base64-encoded.

Standard vs URL-Safe Alphabet

standard: A–Z a–z 0–9 + / (64 chars); url_safe: A–Z a–z 0–9 − _ (RFC 4648 §5)

URL-safe Base64 replaces `+` with `-` and `/` with `_`, and typically omits padding `=`. This lets encoded strings safely appear in URLs and filenames without percent-encoding.

Padding Rule

pad_count = (4 − (input_bytes mod 3) × 4/3) mod 4

Base64 output always aligns to 4-character blocks, with `=` padding at the end. 1 remainder byte produces `==`, 2 remainder bytes produce `=`, 0 remainder bytes produce no padding.

Base64 A binary-to-text encoding scheme that represents binary data using 64 printable ASCII characters (A–Z, a–z, 0–9, plus two additional characters). Defined by RFC 4648.

URL-Safe Base64 A Base64 variant defined in RFC 4648 §5 that replaces `+` with `-` and `/` with `_`, making encoded strings safe for use in URLs and filenames without percent-encoding.

Padding The `=` character appended to Base64 output so the total length is a multiple of 4. Every 3 input bytes produce 4 output chars; incomplete 3-byte groups are padded to maintain alignment.

Data URI A URI scheme (RFC 2397) that embeds file data directly in a URL as `data:[mime-type];base64,[encoded-data]`. Browsers render data URIs without making HTTP requests.

btoa / atob The two legacy JavaScript functions for Base64 encoding (btoa, binary-to-ASCII) and decoding (atob, ASCII-to-binary). They work only on 8-bit character strings — Unicode requires TextEncoder.

MIME Multipurpose Internet Mail Extensions — the specification that originally introduced Base64 as a way to transmit binary data through text-only email systems. MIME Base64 adds a maximum line length of 76 chars.

🏢

DevTeam Alpha — Inline Logo as Data URI

A front-end team wants to inline a small 2 KB PNG logo directly in their CSS to avoid an extra HTTP request on the critical render path.

Input logo.png (2,048 bytes) Mode File → Base64 with data URI prefix Variant Standard Base64

Result: a 2,732-character data URI (`data:image/png;base64,iVBORw0...`) ready to paste into CSS as `background-image: url(data:image/png;base64,...)`. The 33% encoding overhead is more than offset by eliminating the HTTP request on first paint for a small critical image.

💻

Freelancer Kai — Decode JWT Header

A freelance developer is debugging an OAuth flow and needs to decode the URL-safe Base64 header of a JSON Web Token to verify the signing algorithm.

Input eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9 Mode Text → Decode Variant URL-safe Base64

Result: `{"alg":"HS256","typ":"JWT"}` — the JWT header confirms HMAC-SHA256 signing. The tool auto-detected URL-safe input from the presence of `-` and `_` characters and the absence of padding, which is typical for JWTs.

Base64 is one of the most ubiquitous text encodings in modern computing — it shows up in email attachments, data URIs, OAuth tokens, API responses, cryptographic libraries, and countless other places. Despite that ubiquity, many developers never think carefully about how it works, which variant they're using, or what guarantees it does and doesn't provide. The sections below cover the historical origin of Base64 in 1990s email infrastructure, the mechanics of how the encoding actually works bit-by-bit, and the practical guidelines for when Base64 is the right tool versus when it's being misused.

Why Base64 Exists: The 1990s Email Problem

Base64 was standardized in 1993 as part of the MIME specification (RFC 1421 and later RFC 2045), but the underlying problem dates back further: email protocols from the 1970s and 1980s assumed every byte in a message was a printable 7-bit ASCII character, because the SMTP servers and routers of the era would strip or corrupt any byte with the high bit set. This worked fine for English-language text but was hopeless for any binary attachment — images, executables, non-ASCII text, anything. MIME introduced several encodings to solve this (Quoted-Printable for mostly-text content, Base64 for arbitrary binary), and Base64 quickly became the dominant choice because it handles any byte sequence without special cases. The 1990s problem has since generalized to every protocol that expects text: storing binary data in JSON or XML documents, embedding binary in URLs, passing binary through shell pipelines, writing binary into source code as string literals. In every case, Base64 is the safe bet precisely because it only uses 64 characters that every text system handles identically. The cost is 33% size overhead, which is the inherent trade-off for text safety.

How the Encoding Actually Works

Base64 operates on groups of 3 input bytes (24 bits) at a time, redividing those 24 bits into 4 groups of 6 bits each, and mapping each 6-bit group to one character from the 64-character alphabet (A–Z, a–z, 0–9, plus `+` and `/` in standard Base64, or `-` and `_` in URL-safe). 6 bits can represent 64 values (2⁶), which is where the name comes from. When the input length is not a multiple of 3 bytes, the last group is padded with zero bits and the output is padded with `=` characters to maintain the 4-character alignment: 1 remainder byte produces 2 output chars plus `==`, and 2 remainder bytes produce 3 output chars plus `=`. Decoding reverses the process: the `=` padding is stripped, 4 output characters are grouped together and mapped back to 24 bits, and those 24 bits are split back into 3 output bytes. Several common variations extend this basic scheme: Base64url (no padding, URL-safe alphabet), Base64 with line wrapping at 64 or 76 characters for MIME compatibility, and Base32 or Base16 for use cases where the narrower alphabets provide advantages (case-insensitive storage, error detection).

When Base64 Is the Right Tool — and When It Isn't

Base64 is the correct choice when you need to embed binary data in a text-only medium: inline images in HTML or CSS via data URIs, binary payloads in JSON or XML, OAuth tokens and signed cookies, binary attachments in email, embedded cryptographic keys in configuration files. In all of these cases the alternative would be either shell escaping (fragile) or avoiding binary content entirely (limiting). Base64 is the wrong tool for three common misuses. First, Base64 is not encryption — anyone with the encoded string can trivially decode it in milliseconds using any tool including this one. Never use Base64 to protect sensitive data; use proper encryption like AES-GCM or ChaCha20-Poly1305 for confidentiality and proper password hashing like bcrypt or Argon2 for credentials. Second, Base64 is not compression — it adds 33% overhead rather than reducing size. For transferring large files efficiently, use gzip or brotli compression before Base64 (if Base64 is required downstream) or skip Base64 entirely if the transport is already binary-safe. Third, Base64 is not obfuscation for security purposes — hiding a URL or API key in Base64 inside client-side JavaScript provides zero protection against any attacker who opens the browser developer tools. If it matters for security, Base64 is probably not the right layer to think about it.

What is Base64 encoding?+

Base64 is a binary-to-text encoding scheme that represents binary data using 64 printable ASCII characters (A–Z, a–z, 0–9, `+`, `/`). It's used to embed images in HTML/CSS, transmit binary data over text-based protocols like email, store complex data in JSON or XML, and pass binary payloads through REST APIs.

What is URL-safe Base64?+

Standard Base64 uses `+` and `/`, which have special meaning in URLs. URL-safe Base64 (RFC 4648 §5) replaces `+` with `-` and `/` with `_`, and typically omits the padding `=` signs. This lets the encoded string appear safely in URLs and filenames without percent-encoding.

Why is the Base64 output larger than the input?+

Base64 encodes 3 bytes into 4 characters, producing approximately 33% overhead. The formula is ceil(n/3) × 4 output characters for n input bytes. This overhead is the trade-off for representing arbitrary binary data as printable ASCII text safely.

Is my data safe using this tool?+

Yes — this tool runs entirely in your browser using JavaScript. No data is sent to any server. You can verify this by disconnecting from the internet — the tool will continue to work perfectly because everything is processed locally using btoa, atob, TextEncoder, and the FileReader API.

Can I encode binary files like images or PDFs?+

Yes — switch to File Mode and drop any file onto the drop zone. The tool reads the file using the FileReader API and encodes the raw bytes to Base64. You can optionally include the data URI prefix (e.g., `data:image/png;base64,...`) for direct use in HTML or CSS.

Is Base64 the same as encryption?+

No — Base64 is encoding, not encryption. Anyone with the Base64 string can instantly decode it with no secret key involved. Never use Base64 to protect sensitive data. Use proper encryption (AES-GCM, ChaCha20-Poly1305) for confidentiality and proper hashing (bcrypt, Argon2) for passwords.

What is the maximum file size I can encode?+

There is no hard limit — it depends on your browser's available memory. In practice, files up to about 50 MB work fine in modern browsers. Very large files (100+ MB) may cause the tab to slow down or run out of memory. The tool shows a warning for files over 5 MB.

How do I decode Base64 in Python?+

Use the built-in base64 module: `import base64; decoded = base64.b64decode("SGVsbG8=")`. For URL-safe Base64, use `base64.urlsafe_b64decode()` instead. The result is a bytes object — call `.decode('utf-8')` to get a string.

How do I decode Base64 in JavaScript?+

For ASCII text, `atob("SGVsbG8=")` returns the decoded string. For Unicode strings, use TextDecoder: `new TextDecoder().decode(Uint8Array.from(atob(b64), c => c.charCodeAt(0)))`. For URL-safe Base64, replace `-` with `+` and `_` with `/` before calling atob.

What is a data URI?+

A data URI is a scheme that embeds file data directly in a URL: `data:[mime-type];base64,[encoded-data]`. For example, `data:image/png;base64,iVBORw0...` is a complete PNG image encoded inline. Browsers render data URIs directly without making an HTTP request, making them useful for embedding small assets.

Base64 Alphabet — All 64 Characters

Common Data URI Prefixes

Code Snippets

How to Use This Calculator

Choose Your Mode

Enter or Drop Your Data

Copy, Download, or Restore

Formula & Methodology

Key Terms Explained

Real-World Examples

DevTeam Alpha — Inline Logo as Data URI

Freelancer Kai — Decode JWT Header

Base64 Explained: Where It Came From, How It Works, and When to Use It

Why Base64 Exists: The 1990s Email Problem

How the Encoding Actually Works

When Base64 Is the Right Tool — and When It Isn't

Frequently Asked Questions

Base64 Encoder & Decoder

Base64 Alphabet — All 64 Characters

Common Data URI Prefixes

Code Snippets

How to Use This Calculator

Choose Your Mode

Enter or Drop Your Data

Copy, Download, or Restore

Formula & Methodology

Key Terms Explained

Real-World Examples

Base64 Explained: Where It Came From, How It Works, and When to Use It

Why Base64 Exists: The 1990s Email Problem

How the Encoding Actually Works

When Base64 Is the Right Tool — and When It Isn't

Frequently Asked Questions

Keep Exploring

Related calculators

Guides & articles