What Base64 is for
Base64 is an encoding that represents binary or text data using only 64 safe ASCII characters — A–Z, a–z, 0–9, plus two symbols. Its job is not to hide or compress data but to let arbitrary bytes travel safely through systems that were designed for plain text: email attachments, JSON payloads, data URIs that embed images directly in HTML or CSS, HTTP headers, and API tokens. Whenever you have seen a long string of seemingly random letters and equals signs, it was probably Base64.
How the encoding works
Base64 takes three bytes (24 bits) at a time and splits them into four groups of six bits, mapping each group to one of the 64 characters. Because six bits have 64 possible values, the mapping is exact and reversible. When the input length is not a multiple of three, the output is padded with one or two = signs so decoders know how many bytes to expect. The side effect is that Base64 output is always about 33% larger than the original — a fair trade for guaranteed safe transport.
Why UTF-8 handling matters
Naive Base64 tools break on anything beyond plain ASCII, turning an emoji or an accented name into garbled characters. This tool first converts your text to UTF-8 bytes with the browser's TextEncoder, encodes those bytes, and reverses the process with TextDecoder on the way back. That means “Café”, “naïve”, Cyrillic, Chinese, and emoji all encode and decode perfectly — a common failure point elsewhere that this tool handles correctly.
The URL-safe variant
Standard Base64 uses + and /, but both have special meaning in URLs and file paths, so pasting standard Base64 into a link can corrupt it. The URL-safe toggle swaps those for - and _ and drops the trailing padding, producing a string you can safely use in a query parameter, a JWT, or a filename. Decode works with either variant, so you can paste whatever you were given.
Privacy and security
All encoding and decoding happens in your browser. Nothing you type is sent to a server, saved, or logged, so it is safe to decode a token or encode private data here. Remember, though, that Base64 is encoding, not encryption — anyone can decode it. Never treat Base64 as a way to protect secrets; use it only to move data through text-only channels.