Base64 Encode & Decode Online
Free Text, File & Image Converter Tool
Use our free Base64 encode online tool to instantly convert text to Base64, upload files for Base64 file conversion, generate Data URI schemes for CSS image inlining, or decode Base64 strings back to plain text. This online Base64 decoder supports Base64 URL safe encoding, MIME line wrapping, JWT token decoding, and Base64 to image conversion with live preview. Built for developers, DevOps engineers, and security professionals working with binary to ASCII transformations.
Quick Answer: What Is Base64 Encoding?
Base64 encode online converts binary data into text-safe ASCII using a 64-character alphabet (A-Z, a-z, 0-9, +, /). Every 3 input bytes become 4 output characters (~33% overhead). Our free Base64 decode tool reverses this process. Uses: Data URI image inlining, MIME email attachments, JWT tokens, Kubernetes secrets, PEM certificates, Basic Auth headers. We support text, files (10MB), URL-safe mode, and Base64 to image preview.
Base64 Encode & Decode Text
Paste text to encode to Base64, or paste Base64 to decode back.
Robert Harrison
OSINT & Network Utility Expert
Robert specializes in data encoding protocols, network utilities, DNS management, and developer tooling. He helps engineers work efficiently with binary-to-text transformations, certificate encoding, and API authentication workflows.
View All ArticlesWhat Is Base64 Encoding and How Does the Conversion Work?
Base64 encode online is the process of converting binary data into a text-safe ASCII string using a 64-character alphabet defined in RFC 4648. The encoding takes every 3 bytes (24 bits) of input and splits them into 4 groups of 6 bits. Each 6-bit value maps to a character in the Base64 alphabet: A-Z (0-25), a-z (26-51), 0-9 (52-61), + (62), and / (63).
When input is not divisible by 3 bytes, the encoder adds padding (=) characters. One = means the last group had 2 bytes, two == means 1 byte. This padding tells the online Base64 decoder exactly how many bits to discard during the binary to ASCII round-trip. The result is zero data loss, 100% accuracy, and full UTF-8 to Base64 compliance — handling emojis, Arabic, Chinese, and all Unicode correctly.
Key Fact: Base64 increases data size by ~33%. Every 3 input bytes become 4 output characters. This overhead is the cost of making binary data safe for text-only channels like email (MIME), URLs, JSON, and XML.
How to Convert Small Icons to Base64 for CSS Embedding in 2026
One of the most popular uses of Base64 encode online tools is converting small images into Data URI strings for direct embedding in CSS or HTML. This eliminates an HTTP request per image, improving page load on mobile networks where every request adds latency.
Step-by-Step Image Inlining
Upload your icon (PNG, SVG, WebP) to our Base64 file converter tab with Data URI enabled. The tool generates a data:image/png;base64,iVBORw0KGgo... string for your CSS. This is the Data URI scheme defined in RFC 2397, supported by all browsers.
/* CSS: Inline a small icon as Base64 background */
.icon-check {
background-image: url('data:image/svg+xml;base64,PHN2Zy...');
background-size: contain;
width: 24px; height: 24px;
}
Use CSS Background Base64 for icons under 10KB. For larger images, serve as separate files with caching. A 500KB hero image in Base64 adds 667KB to your CSS and cannot be cached separately. Check security headers with our HTTP Headers Analyzer.
Performance Warning: Never Base64-encode images over 10KB for CSS inlining. The 33% overhead plus inability to cache separately will hurt Google PageSpeed. Use WebP and CDN caching for larger assets.
Base64 URL Safe vs Standard Base64: What Developers Must Know
Standard Base64 uses + (space in URLs) and / (path separator). Base64 URL safe encoding replaces + with - and / with _, and usually omits = padding, making encoded strings safe for URLs, filenames, and query parameters.
Comparison Table
| Feature | Standard Base64 | URL-Safe Base64 |
|---|---|---|
| Char 62 | + (plus) | - (hyphen) |
| Char 63 | / (slash) | _ (underscore) |
| Padding | = required | Usually omitted |
| RFC | RFC 4648 §4 | RFC 4648 §5 |
| Uses | MIME, PEM, XML | JWT, URLs, filenames |
Our Base64 URL safe encoder handles both modes. The decoder auto-detects standard or URL-safe input. Essential for JWT (JSON Web Token) decoding since JWTs always use Base64URL. Verify API security with our SSL Checker.
Free Tool to Decode Base64 Strings for JWT Troubleshooting
A JSON Web Token (JWT) has three Base64URL parts separated by dots: header.payload.signature. Our JWT decoder tab splits the token, decodes each part to formatted JSON, shows expiration timestamps, and flags expired tokens — the fastest way to debug API authentication.
// JWT Structure
eyJhbGciOiJIUzI1NiJ9. ← Header (Base64URL)
eyJzdWIiOiIxMjM0NTY3ODkwIn0. ← Payload (Base64URL)
SflKxwRJSMeKKF2QT4fwpMeJf36POk ← Signature
The tool also checks exp claims for validity — invaluable when debugging Basic Auth headers and OAuth flows. Check server headers with our Headers Analyzer and DNS with our DNS Lookup.
Security: Never paste production JWTs with real user data into any online tool. Use test tokens. JWTs are encoded (readable), not encrypted (protected).
How to Store Binary Images in JSON and Decode Kubernetes Secrets
JSON and XML cannot store binary data directly. Base64 encoding converts image bytes into text strings safe for XML/JSON binary storage. Use the Data URI scheme (data:image/png;base64,...) which includes the MIME type for proper rendering.
// JSON: Avatar as Base64
{"user":"john", "avatar":"data:image/png;base64,iVBOR..."}
Kubernetes Secrets
Kubernetes secrets store values as plain Base64 in YAML — NOT encrypted by default. Paste the Base64 value into our online Base64 decoder to reveal the secret. For example, cGFzc3dvcmQxMjM= decodes to password123. Generate strong secrets with our Password Generator.
# Kubernetes Secret YAML
apiVersion: v1
kind: Secret
data:
password: cGFzc3dvcmQxMjM=
api-key: c2VjcmV0LWtleQ==
Developer Code Examples: Base64 in JavaScript, Python and Java
Every language has built-in Base64 support. Use our Base64 encode online tool to verify output.
JavaScript (atob and btoa)
// JavaScript: Browser Base64 (atob / btoa)
const encoded = btoa('Hello World');
// "SGVsbG8gV29ybGQ="
const decoded = atob('SGVsbG8gV29ybGQ=');
// "Hello World"
// Node.js: Buffer
Buffer.from('Hello').toString('base64');
Buffer.from('SGVsbG8=','base64').toString();
Python base64 Module
# Python: base64 module
import base64
encoded = base64.b64encode(b'Hello World')
# b'SGVsbG8gV29ybGQ='
decoded = base64.b64decode(b'SGVsbG8gV29ybGQ=')
# URL-safe variant
base64.urlsafe_b64encode(b'data+with/chars')
Java Base64 Library
// Java: java.util.Base64 (Java 8+)
String enc = Base64.getEncoder()
.encodeToString("Hello".getBytes());
byte[] dec = Base64.getDecoder().decode(enc);
// URL-safe and MIME variants
Base64.getUrlEncoder().encodeToString(data);
Base64.getMimeEncoder().encodeToString(data);
Use our JSON tool for processing alongside Base64: JSON Beautifier. For hash verification: Hash Generator.
Why Is My Base64 String Too Long? Compression and Optimization
The 33% overhead is mathematically fixed — 3 bytes always become 4 characters. But you can minimize impact.
Compress Before Encoding
Apply gzip compression before Base64. A 100KB JSON compresses to ~15KB, then Base64 becomes ~20KB — far better than encoding 100KB directly (133KB). Standard for MIME attachments.
Use WebP Over PNG/JPEG
Convert images to WebP before Base64 for CSS. WebP is 25-35% smaller than PNG, effectively canceling the Base64 overhead. A 10KB PNG becomes 7KB WebP, then 9.3KB as Base64.
SVG for Icons
SVGs are text-based and encode efficiently. A 24x24 icon: ~500 bytes SVG vs ~2KB PNG. Plus SVGs scale perfectly at any resolution.
Rule: Set a 10KB threshold for Base64-inlined assets. Larger files should use separate hosting with Cache-Control: max-age=31536000. Check security with our Headers Analyzer.
Base64 in Security: PEM Certificates, Basic Auth and Kubernetes
Base64 is embedded in security infrastructure — not for security itself, but to transport binary security data through text systems.
PEM Certificate Encoding
PEM certificates wrap Base64-encoded DER data between -----BEGIN CERTIFICATE----- markers. Decode the Base64 portion to inspect raw certificate bytes. Verify certs with our SSL Checker.
HTTP Basic Auth Headers
Basic Auth headers encode username:password as Base64: Authorization: Basic dXNlcjpwYXNz. This is NOT encryption — any observer can decode it. Always use HTTPS alongside Basic Auth. Analyze headers with our Headers Analyzer.
Critical: Base64 is NOT encryption. It is reversible with NO key. Never protect passwords, API keys, or sensitive data with Base64 alone. Use AES-256 and HTTPS. Read our guide on clearing your digital footprint.
MIME Encoding: How Email Uses Base64 for Attachments
SMTP was designed for 7-bit ASCII only. Binary attachments (PDFs, images) are Base64-encoded and wrapped in MIME headers. Our MIME Wrap checkbox formats output at 76 characters per line — exactly what mail servers expect.
Understanding MIME helps debug email delivery. Verify deliverability with our Email Verifier and check IP reputation with our IP Blacklist Checker. Read our guide on fixing 550 RBL blocked sender errors and IP reputation for bulk email.
Complete Base64 Developer Workflow: Encode, Verify, Deploy
- Step 1: Identify data type — text, image, certificate, or JWT.
- Step 2: Choose tab — Text, File, or JWT.
- Step 3: Select options — URL-Safe for URLs, MIME Wrap for email, Data URI for CSS.
- Step 4: Encode and check the 33% overhead is acceptable.
- Step 5: Round-trip test — decode output to verify it matches input.
- Step 6: Validate in your app — compare with our tool's output.
- Step 7: Secure sensitive data with HTTPS + encryption. Verify with our SSL Checker.
- Step 8: Audit DNS with our DNS Lookup and domain registration with WHOIS Lookup.
Pro Tip: Unlike JS-only converters that crash on large files, our server-side processing handles 10MB reliably. Read our guide on IP reputation for cold emailing 2026.
Frequently Asked Questions About Base64 Encoding
Q What does Base64 encode online mean?
Base64 encode online converts binary data into text-safe ASCII using a 64-character alphabet. Every 3 bytes become 4 characters. Our tool supports text, files, Data URI, URL-safe mode, and MIME wrapping.
Q How to convert images to Base64 for CSS?
Upload to our Base64 to image converter with Data URI enabled. Get a data:image/png;base64,... string for CSS Background Base64. Keep images under 10KB.
Q Standard vs URL-safe Base64 — what is the difference?
Standard uses + and / (break URLs). Base64 URL safe uses - and _ and drops padding. JWTs use URL-safe. Our Base64 URL safe encoder supports both.
Q How to decode JWT tokens?
Use our JWT tab. Paste the token — tool splits header, payload, signature, decodes Base64URL to JSON, and shows expiration. Free JWT troubleshooting tool.
Q Why is Base64 output 33% larger?
4 characters for every 3 bytes — fixed math. Compress with gzip first, use WebP images, and only inline assets under 10KB. The overhead is the cost of binary to ASCII portability.
Q How to decode Kubernetes secrets?
Paste the Kubernetes secret Base64 value into our decoder. cGFzc3dvcmQxMjM= → password123. K8s secrets are NOT encrypted — Base64 is for YAML transport only.
Q Can large files be converted without browser crashing?
Yes. Our Base64 file converter processes server-side — browser handles nothing. Up to 10MB supported. Larger files: compress first or use base64 CLI tool.
Q Is Base64 the same as encryption?
No. Base64 is encoding, not encryption. Anyone decodes it instantly with no key. Use AES-256 + HTTPS for security. Never Base64-protect passwords or sensitive data.
Related Developer & Security Tools
Complete your development workflow.
Encode, Decode & Convert Instantly
Free Base64 Tool — No Signup Required
Our Base64 encode online tool handles text, files up to 10MB, images with preview, JWT tokens, URL-safe mode, MIME wrapping, and Data URI output. Developer-ready and free.