Base64 Encoder & Decoder

What is Base64 Encoding?

Base64 is a binary-to-text encoding scheme that represents binary data using a set of 64 printable ASCII characters (A-Z, a-z, 0-9, +, /) plus = for padding. An early form was used in RFC 989 (1987, PEM); its MIME-context definition came with RFC 1341 (1992). The current standard is RFC 4648 §4 (2006). The encoding converts every 3 bytes (24 bits) of input into 4 ASCII characters (4 × 6 bits), making the output approximately 33% larger than the original data.

How the encoding works

The input is split into 3-byte groups. Each 3-byte group becomes one 24-bit value, which is then split into four 6-bit groups. Each 6-bit group (a number 0–63) becomes one character from the Base64 alphabet. When the input length is not a multiple of 3, the last group is padded with = characters: 1 byte of input → XX==, 2 bytes → XXX=.

Standard Base64 vs Base64URL

Two characters in standard Base64 cause problems in URLs: + (interpreted as space) and / (path separator). Base64URL (RFC 4648 §5) replaces + with -, / with _, and typically omits = padding. JWTs and OAuth use Base64URL specifically so tokens can appear in URL query parameters and HTTP headers without further encoding.

When NOT to use Base64

Base64 is not encryption — it provides zero confidentiality. Avoid it for storing passwords, tokens, or any sensitive data. It also adds 33% size overhead, so don't use it when binary transport is available (HTTP/2 binary frames, gRPC/Protobuf, file uploads). Hex (Base16) is more readable for debugging at the cost of 100% overhead.