What Is Base64?
Base64 is a binary-to-text encoding scheme that represents binary data using a set of 64 printable ASCII characters (A-Z, a-z, 0-9, +, /). It was originally designed to safely transmit binary data over text-based protocols like email (MIME) and HTTP. The encoding increases data size by roughly 33%, which is why it should be used deliberately rather than as a default.
How It Works
The algorithm takes every three bytes of input (24 bits) and splits them into four 6-bit groups. Each 6-bit group maps to one character in the Base64 alphabet. If the input length is not a multiple of three, padding characters (=) are appended.
Input: "Hi"
Binary: 01001000 01101001
6-bit: 010010 000110 1001(00) <- padded
Base64: S G k =
Result: "SGk="You can try this yourself with our Base64 Encoder/Decoder — paste any text and see the encoded output instantly.
When to Use Base64
- Embedding images in HTML/CSS — Data URIs (
data:image/png;base64,...) let you inline small images directly in markup, eliminating an extra HTTP request. - Email attachments — MIME encoding relies on Base64 to transmit binary files over a text-only protocol.
- API authentication — HTTP Basic Auth encodes the
username:passwordpair as Base64 in theAuthorizationheader. - JSON payloads with binary data — Since JSON does not support raw binary, Base64-encoding binary fields (like a file thumbnail) is the standard workaround.
When NOT to Use Base64
Base64 is not encryption. It provides zero security — anyone can decode it instantly. Never use Base64 to "hide" passwords, API keys, or sensitive data. If you need to protect data, use proper encryption (AES, RSA) or hashing (Hash Generator).
Also avoid Base64 for large files. The 33% size increase adds up quickly; a 10 MB image becomes ~13.3 MB when Base64-encoded. For large assets, use direct binary transfer (multipart form data) instead.
Base64url Variant
The standard Base64 alphabet uses + and /, which are special characters in URLs. The Base64url variant replaces them with - and _ and omits padding. This is the encoding used inside JWT tokens.
Quick Reference
// JavaScript — encode
btoa("Hello, World!") // "SGVsbG8sIFdvcmxkIQ=="
// JavaScript — decode
atob("SGVsbG8sIFdvcmxkIQ==") // "Hello, World!"
// Node.js
Buffer.from("Hello").toString("base64") // "SGVsbG8="
Buffer.from("SGVsbG8=", "base64").toString() // "Hello"For quick one-off encoding/decoding without writing code, use our Base64 tool — it handles both text and file input with instant results.