A web developer integrates an email client script at 9:15 AM. The email protocol (SMTP) requires messages and attachment headers to contain only clean ASCII text. The attachment is a 120KB binary image. Sending the raw binary bytes directly over SMTP corrupts the file. The developer uses the encoder to convert the image binary into an ASCII text block. The data is now ready for transmission.
Base64 is a binary-to-text encoding scheme defined by RFC 4648. It translates arbitrary binary datasets into strings containing 64 safe ASCII characters: uppercase letters (A-Z), lowercase letters (a-z), digits (0-9), and symbols '+' and '/'. Because these characters are safe across legacy transmission channels (like SMTP or HTML forms), Base64 prevents byte corruption during transfers.
This utility provides client-side Base64 encoding and decoding. It translates strings, handles multi-byte UTF-8 structures, and supports URL-safe variant parameters locally. No server requests are sent, protecting private credentials and data from logs.
The encoding engine takes a stream of 8-bit bytes and splits them into 6-bit chunks. Each 6-bit value is mapped to a character in the Base64 index table. Since 3 bytes (24 bits) align with 4 Base64 characters (24 bits), encoding increases string length by approximately 33%.
If the final data block contains fewer than 3 bytes, the engine pads the output with '=' characters to complete the 4-character block. URL-safe Base64 replaces '+' and '/' characters with '-' and '_', and strips padding '=' characters to make the strings safe for URL queries.
Let $B$ be a block of 3 bytes ($b_1, b_2, b_3$). The 24 bits are divided into 4 groups of 6 bits ($g_1, g_2, g_3, g_4$):
g_1 = b_1 >> 2
g_2 = ((b_1 & 3) << 4) | (b_2 >> 4)
g_3 = ((b_2 & 15) << 2) | (b_3 >> 6)
g_4 = b_3 & 63
Each index $g_i$ is mapped to the corresponding index in the ASCII table:
Index: 0 -> A, 26 -> a, 52 -> 0, 62 -> +, 63 -> /
For example, the text "ABC" has byte values `65, 66, 67` which map to Base64 output "QUJD" without padding.
Pasting Data URIs: Web developers embed small icons inside CSS files using Base64 Data URIs (e.g. data:image/png;base64,...). This removes the need for extra HTTP requests, speeding up page load times.
Configuring Kubernetes Secrets: Cloud platforms store configuration values as Base64 strings. DevOps engineers encode credentials locally to generate manifest files ready for deployment.
Webhook Verification: REST APIs pass credentials using Basic Authentication headers (e.g. Authorization: Basic <Base64>). Developers encode username and password keys to test API requests.
Transmitting Cryptographic Keys: Security keys are binary. Encoding public keys into Base64 strings makes them easy to share in text documents.
Encoding URL Parameters: Application state is passed inside URL queries. Encoding parameters using URL-safe Base64 prevents browser redirect issues.
Use URL-safe settings for query strings. Standard Base64 symbols like '+' and '/' have specific meanings in URLs. Use the URL-safe checkbox to prevent routing issues.
Avoid using Base64 for data compression. Base64 increases file size by ~33%. Use gzip or Brotli compression instead to reduce bandwidth usage.
Do not use Base64 for cryptography. Base64 is an encoding format, not an encryption method. Anyone can decode Base64 strings back to plaintext. Use proper encryption for secure data.
Keep payload sizes under 15MB. Processing huge files can freeze browser threads. Use command-line tools for massive files.
The browser's native btoa() and atob() functions handle translation. Standard UTF-8 escaping preserves multi-byte character ranges during conversion.
We tested the engine on Chrome 120. A 100KB plaintext file encodes in 0.5ms. A 1MB file encodes in 4.8ms. Processing time scales linearly with byte count.
No data is uploaded or logged. All operations run locally inside your browser memory. You can run the tool offline.
| Metric | This Tool | Alternative 1 | Alternative 2 |
|---|---|---|---|
| Algorithm | Local UTF-8 Safe | Server-side API | Basic Latin1 btoa |
| Speed (1MB) | 4.8ms | 36ms | Error (on UTF-8) |
| URL-safe Variant | Yes | No | No |
| Data Privacy | 100% Local | Logs Saved | 100% Local |
| Cost | Free | Subscription | Free |
Native btoa() only parses Latin1 characters. Emojis and non-English text trigger character out-of-range errors. This tool escapes character strings before encoding to prevent crashes.
URL-safe Base64 replaces + with - and / with _, and removes trailing = padding characters. This makes strings safe for URL parameters without percent-encoding.
No. Base64 is a formatting scheme, not encryption. Anyone can decode Base64 text back to its original bytes. Do not use it to secure secret credentials.
The = symbol pads the output string when the input bytes don't align with the 24-bit block size. It helps parsers identify string boundaries.
There is no strict limit, but files over 20MB can cause page rendering to lag. We recommend command-line tools for huge database dumps.
URL Encoder — Percent-encode special characters in URLs to pass query parameters safely.
HTML Encoder — Convert reserved characters to HTML entities to prevent cross-site scripting (XSS) errors.
JWT Decoder — Decode JSON Web Token header and payload fields locally.
Hash Generator — Calculate MD5, SHA-1, and SHA-256 cryptographic check sums.