0 chars0 B
0 chars0 B
$
Base64 Encoder/Decoder
Encode and decode Base64 strings instantly. Supports standard and URL-safe Base64, file uploads, and auto-detection.
What is Base64 encoding?
Base64 converts binary data into a text-safe ASCII string using 64 printable characters: AβZ, aβz, 0β9, plus + and /. Every 3 bytes of input become 4 output characters, which is why encoded data is roughly 33% larger than the original. It exists because many protocols and formats β email via MIME, JSON, XML, HTTP headers β were designed to carry text, not raw bytes. Base64 gives binary data a safe passport through text-only channels.
How does this tool work?
Paste text or upload a file, choose encode or decode, and the result appears instantly. The tool auto-detects whether your input is already Base64 and supports both the standard and URL-safe alphabets. Everything runs locally in your browser using the native atob/btoa and TextEncoder APIs β your data is never uploaded to a server, so it is safe to use with tokens, secrets, and internal config values.
Is Base64 encryption?
No β this is the most common misconception. Base64 is an encoding, not encryption: it has no key, and anyone can reverse it instantly. Never treat a Base64 string as protected data. Kubernetes secrets are a famous example β they are Base64-encoded in etcd, not encrypted, which is why kubectl get secret output can be decoded by anyone with read access. If you need confidentiality, encrypt first, then Base64-encode the ciphertext for transport.
Why does my Base64 string end with = signs?
The = characters are padding. Base64 works in 3-byte blocks; when input length is not a multiple of 3, the final block is padded and the output carries one = (2 bytes remaining) or two == (1 byte remaining) so decoders know how many bytes to discard. Some variants, like the Base64url encoding used in JWTs, drop the padding entirely β that is why JWT segments often fail in strict decoders until you re-add the = characters.
What is URL-safe Base64?
Standard Base64 uses + and /, which collide with reserved characters in URLs and file paths (+ becomes a space in query strings, / separates path segments). The URL-safe variant (RFC 4648 Β§5) swaps + for - and / for _ so encoded values can travel inside URLs, cookies, and filenames untouched. JSON Web Tokens, OAuth state parameters, and many API cursors use this variant. This tool can encode and decode both alphabets.
How do I Base64 encode on the Linux command line?
Use the coreutils base64 command: echo -n 'hello' | base64 encodes, and base64 -d decodes. The -n flag on echo matters β without it you encode a trailing newline, a classic cause of authentication failures when encoding credentials for Authorization: Basic headers. For files, base64 file.bin > file.txt and base64 -d file.txt > file.bin round-trip cleanly. GNU base64 wraps output at 76 columns by default; use -w 0 to disable wrapping for config files.
Common use cases
Day-to-day sysadmin and developer tasks where Base64 shows up: creating Kubernetes Secret manifests (data fields must be Base64), inspecting JWT header and payload segments, embedding small images as data: URIs in CSS or HTML, preparing Basic-auth headers, encoding binary values for .env files and cloud-init user data, and decoding email attachments or webhook payloads while debugging. This tool handles all of these without leaving the browser.