What is Base64 encoding?
Base64 encoding is a binary-to-text encoding scheme that represents arbitrary binary data as a sequence of printable ASCII characters. It is one of the most widely used encoding formats in computing, appearing in email attachments, JWTs, data URIs, API payloads, and TLS certificates.
| Property | Value |
|---|---|
| Encoding standard | RFC 4648 §4 (text encoding) / RFC 2045 (MIME) |
| URL-safe variant | RFC 4648 §5 — Base64URL |
| Alphabet | A–Z, a–z, 0–9, +, / (64 characters) |
| Padding character | = (makes output length a multiple of 4) |
| Size overhead | ~33% larger than the source bytes |
| Reversible without a key | Yes |
| Provides encryption | No |
Origins and purpose
The name comes from the 64 printable characters that make up the encoding alphabet: uppercase A–Z, lowercase a–z, digits 0–9, and the symbols + and / (with = used as padding). This alphabet was chosen because all 64 characters are unambiguously representable in every 7-bit ASCII-compatible system.
Base64 was standardized as part of MIME (Multipurpose Internet Mail Extensions) in RFC 2045 in 1996, solving a concrete problem: SMTP email servers only transported 7-bit ASCII text. Attaching a binary file — an image, a PDF, an executable — required encoding its bytes as printable characters first. Base64 became that encoding layer and has never gone away.
How Base64 encoding works
Base64 processes input in 3-byte groups (24 bits). Each group is split into four 6-bit values, and each value is mapped to one of the 64 alphabet characters. The result is that every 3 bytes of binary input become 4 printable ASCII characters — roughly 33% larger than the original.
y → 0x79 → 01111001
e → 0x65 → 01100101
s → 0x73 → 01110011
24 bits → 011110 010110 010101 110011
30 22 21 51
e W V z
Result: "eWVz"For a complete step-by-step walkthrough of the algorithm including padding and the full 64-character lookup table, see How Base64 works.
Is Base64 encryption?
No. Base64 is encoding, not encryption. Encoding is a reversible transformation with no secret key — anyone who receives Base64 data can decode it immediately using any Base64 decoder, including this tool. The purpose of Base64 is safe transport and storage, not confidentiality.
If you need to protect data, use a proper encryption algorithm (AES-GCM, RSA-OAEP) before or after encoding. Many encrypted payloads are then Base64-encoded for transport — but the security comes from the encryption, not the encoding.
Base64 vs. hexadecimal
Both Base64 and hexadecimal (hex) encode binary data as printable text, but with different trade-offs:
| Property | Base64 | Hex |
|---|---|---|
| Output size | ~33% larger | ~100% larger |
| Alphabet size | 64 chars | 16 chars (0–9, a–f) |
| Human readable | Less so | More so (byte boundaries clear) |
| Common uses | Email, JWT, data URI, PEM | Hashes, color codes, memory dumps |
Base64 is preferred when minimizing output size matters. Hex is preferred when human readability of individual bytes matters, such as inspecting cryptographic hashes.
Where you encounter Base64
Base64 encoding is embedded in everyday web and network infrastructure:
- ·JSON Web Tokens (JWT) — all three segments are Base64URL-encoded
- ·Email attachments — MIME Content-Transfer-Encoding: base64
- ·Data URIs — data:image/png;base64,… in HTML and CSS
- ·PEM certificates — TLS certs, SSH keys, and GPG keys
- ·HTTP Basic Auth — Authorization: Basic base64(user:pass)
- ·Binary in JSON APIs — images, file chunks, or keys as strings
- ·WebSocket frames — binary protocol data encoded for text channels
See Base64 use cases for detailed examples and copy-pasteable code for each scenario.
When NOT to use Base64
Base64 solves a specific problem — binary data in text-only channels — and should not be reached for outside that context:
- ✕For security or encryption — Base64 is trivially reversible without any key. Storing a password or secret as Base64 provides no protection. Use a proper encryption algorithm (AES-GCM, ChaCha20) or a password hash (bcrypt, Argon2) instead.
- ✕When binary transport is available — HTTP/2 and gRPC carry binary frames natively. Encoding a request body as Base64 over these protocols adds the 33% overhead with no benefit. Use multipart/form-data or raw binary content types for file uploads.
- ✕For large files where overhead matters — A 1 GB file becomes ~1.37 GB when Base64-encoded. For bulk data transfers, streaming protocols or binary-safe channels are far more efficient. Base64 is appropriate for small-to-medium payloads (roughly up to a few MB).
- ✕As a checksum or integrity mechanism — Base64 encoding does not detect corruption or tampering. It carries whatever bytes it was given, errors included. Use a cryptographic hash (SHA-256) or a MAC (HMAC-SHA256) for integrity verification.
About base64tool
base64tool is a fast, private Base64 utility built on a single principle: your input never leaves your browser. Every encode, decode, and file upload runs locally using the browser's native TextEncoder, TextDecoder, and FileReader APIs — no server, no network requests, no analytics.
It supports standard Base64, URL-safe Base64 (Base64URL) for use in JWTs and filenames, and three character set options: UTF-8 (default), ASCII, and Latin-1 for legacy compatibility. Files can be encoded by uploading or dragging and dropping them directly onto the page.
Open the encoder / decoder →