Utilify

Base64 Encoder & Decoder

Encode and decode Base64 strings online. UTF-8 safe, browser-only — your data never leaves your device.

How to use Base64 Encoder

  1. 1
    Pick a mode

    Choose Encode (text → base64) or Decode (base64 → text).

  2. 2
    Enter input

    Type or paste your input. The output updates live.

  3. 3
    Copy output

    Click Copy to grab the result.

About Base64 Encoder

Base64 is a binary-to-text encoding that uses 64 ASCII characters (A–Z, a–z, 0–9, +, /) to represent any binary data. It is the standard way to embed binary content — images, fonts, signatures, certificates — inside text-only contexts like HTML, JSON, XML, or HTTP headers. The price of this portability is roughly 33% size inflation: every 3 bytes of binary become 4 ASCII characters, plus optional padding.

A critical thing to understand: Base64 is not encryption. It is trivially reversible by anyone with a decoder. If you need to keep something secret, encrypt it first and then Base64-encode the ciphertext if needed for transport. Utilify's encoder handles UTF-8 strings correctly — including accented characters and emoji — by encoding through TextEncoder before the Base64 transformation, so round-trips preserve every byte exactly.

Under the hood the algorithm is simple: the input bytes are taken three at a time (24 bits), split into four 6-bit groups, and each group maps to one character in the 64-character alphabet. When the input length is not a multiple of three, one or two "=" padding characters are appended so the output length stays a multiple of four. That padding is why so many Base64 strings end in "=" or "==".

There are two common alphabets. Standard Base64 uses "+" and "/" for the last two characters; Base64URL replaces them with "-" and "_" and usually drops the padding, because "+", "/", and "=" have special meanings in URLs and filenames. JWTs, for example, are Base64URL-encoded. If a token or string fails to decode here, a mismatch between these two variants — or missing padding — is the usual culprit.

Beyond JWTs and data URIs, Base64 shows up almost everywhere binary data has to survive a text-only channel intact: email attachments (MIME), embedded TLS and SSH keys (PEM files are Base64 wrapped in header lines), inline SVG and font assets in CSS, and binary fields stored in JSON APIs. Knowing how to encode and decode it quickly is a small but constant part of working with the web.

When to use Base64 Encoder

  • Data URIs

    Embed small images directly into HTML or CSS without separate file requests.

  • Basic-auth headers

    Build the "Authorization: Basic <base64>" value for HTTP basic authentication.

  • Inspecting JWTs

    JWT header and payload are Base64URL-encoded — decode them to see the claims.

Examples

Plain text → Base64
Input
Hello, world!
Output
SGVsbG8sIHdvcmxkIQ==
UTF-8 with emoji
Input
안녕 🌍
Output
7JWI64WVIPCfjI0=

Frequently asked questions

Is this UTF-8 safe?+

Yes. The encoder uses TextEncoder and TextDecoder, so accented characters, non-Latin scripts, and emoji all round-trip correctly without corruption.

What is Base64 used for?+

Base64 lets you embed binary data inside text-only formats — JWTs, data URIs, basic-auth headers, email attachments (MIME), and PEM-encoded keys and certificates.

Is Base64 encryption? Is it secure?+

No. Base64 is encoding, not encryption — anyone can decode it instantly. Never use it to hide secrets. Encrypt sensitive data first, then Base64-encode the ciphertext only if you need it in a text channel.

What is the difference between Base64 and Base64URL?+

Standard Base64 uses "+" and "/" and pads with "="; Base64URL uses "-" and "_" instead and usually omits padding, so the result is safe inside URLs and filenames. JWTs use Base64URL.

Why does my Base64 string end in "=" signs?+

That is padding. When the input length is not a multiple of three bytes, one or two "=" characters are added so the encoded length stays a multiple of four.

Related tools

From the blog