Skip to content

Base64 Encode / Decode

Encode or decode Base64 instantly with full UTF-8 support — emoji and accents work, all in your browser.

Privacy: your files never leave your device. All processing happens locally in your browser.

How to use

  1. 1.Choose a direction: Encode (text → Base64) or Decode (Base64 → text).
  2. 2.Type or paste your input — the result updates instantly in the output box below.
  3. 3.Click Copy to grab the result, or Swap direction to feed it straight back through.

About Base64 Encode / Decode

Base64 turns arbitrary bytes into a safe 64-character alphabet (A–Z, a–z, 0–9, plus + and /) so binary data can travel through channels that only accept text. This tool follows the RFC 4648 standard exactly, including the '=' padding rules, and converts in real time as you type — no button to press, nothing sent to a server.

The part most tools get wrong is Unicode. The browser's built-in btoa() only accepts Latin-1 characters (code points 0–255), so it throws an error the moment you feed it café, 你好, or 😀. This encoder solves that the correct way: it first encodes your text to UTF-8 bytes with TextEncoder, then applies Base64 to those bytes. Decoding reverses the process and validates the result with a strict UTF-8 decoder, so malformed input is caught instead of producing silent garbage.

Why the padding matters: Base64 groups three input bytes (24 bits) into four 6-bit characters. When the input length isn't a multiple of three, the output is padded with one or two '=' signs — that's why 'f' becomes 'Zg==' and 'foobar' becomes 'Zm9vYmFy'. Correct padding keeps the encoded length a multiple of four, which every compliant decoder expects.

You'll meet Base64 constantly: data: URIs that embed images or fonts directly in HTML and CSS, email attachments (MIME), the three dot-separated segments of a JSON Web Token (JWT), Basic HTTP auth headers, and API payloads that carry binary blobs as JSON strings. Note that Base64 is an encoding, not encryption — it offers no secrecy, only safe transport of bytes as text.

Because every conversion happens locally in your browser with the Web Crypto-era standard APIs, your text never leaves your device. That makes it safe to paste tokens, config snippets, or private data without worrying about it being logged or uploaded anywhere.

Methodology & sources

Follows the RFC 4648 §4 standard Base64 alphabet and padding rules. Text is encoded to UTF-8 bytes with TextEncoder before Base64 (avoiding btoa's Latin-1 limitation); decoding validates the byte stream with a strict fatal:true UTF-8 decoder so invalid input is rejected rather than silently corrupted. Encoding is implemented byte-by-byte to handle large inputs without stack overflow.

Frequently asked questions

Does this support emoji, Chinese, and accented characters?
Yes. Unlike the browser's raw btoa(), this tool encodes your text to UTF-8 bytes first, so café, 你好, and 😀 all encode and decode correctly instead of throwing an error.
Why does my Base64 end with = or ==?
Those are padding characters. Base64 encodes three bytes into four characters, so when the input length isn't a multiple of three, one or two '=' signs are added to keep the output a multiple of four, as required by RFC 4648.
Is Base64 a form of encryption?
No. Base64 is a reversible encoding designed to move binary data safely through text-only channels. Anyone can decode it, so it provides no confidentiality — never use it to protect passwords or secrets.

Encoding & Crypto guides

View all