Loading the interactive tool… It runs in your browser — if it doesn't appear, enable JavaScript.
Encode text to Base64, decode it back, or Base64-encode a file (with a ready-made data: URI for embedding in CSS or HTML). Handles UTF-8 correctly — emoji and non-Latin text round-trip cleanly, where naïve btoa() implementations throw — and offers the URL-safe alphabet used in JWTs and web tokens. Everything runs locally, which matters given how often Base64 strings contain credentials and API payloads.
Frequently asked questions
Is Base64 encryption?
No — it's encoding, trivially reversible by anyone. It exists to represent binary data as printable text, not to protect it. Never treat Base64 as a way to hide secrets.
What's URL-safe Base64?
Standard Base64 uses + and /, which break inside URLs. The URL-safe variant (RFC 4648 §5) swaps them for - and _ and usually drops the = padding — it's what JWTs use. The decoder here accepts both alphabets.
Why is my decoded output garbled?
Usually the input isn't text — decoding a Base64-encoded image as text produces noise. It can also mean the string is truncated or has whitespace inside; the decoder strips leading/trailing whitespace but bytes must be intact.