Zutily

Free Online Base64 Encoder & Decoder

Encode text, images, PDFs, and any file to Base64 — or decode Base64 strings back to plain text instantly. Supports drag & drop, data URI output, image preview, URL-safe variant, and live conversion. All processing happens in your browser, completely free and private.

Share this tool

100% FreePrivacy FirstInstant ResultsNo Sign-Up
Variant:
Plain Text
1 lines0 chars

Enter text to encode it to Base64

Base64 Output

Encoded output appears here

Direction

encode

A-Z

Variant

standard

0 B

Input Size

Output Size

How Base64 Encoding Works Under the Hood

Base64 converts binary data into a text-safe representation by splitting the input into groups of 3 bytes (24 bits), then dividing each group into four 6-bit segments. Each 6-bit value maps to one of 64 printable characters: A-Z a-z 0-9 + /. When the input length isn't divisible by 3, padding characters (=) are appended to complete the final block.

This scheme was originally designed for MIME email attachments (RFC 2045) to transmit binary files over the 7-bit ASCII email infrastructure. Today it is ubiquitous — from JWT token payloads and HTTP Basic Auth headers to inline images in HTML emails. The trade-off is a ~33% size increase: every 3 input bytes produce 4 output characters, making it unsuitable for large file transfers but perfect for embedding small assets inline.

Standard Base64 vs URL-Safe Base64

PropertyStandard (RFC 4648 §4)URL-Safe (RFC 4648 §5)
Alphabet chars 62-63+ /- _
PaddingRequired (=)Typically omitted
Safe in URLsNoYes
Safe in filenamesNoYes
Common usageEmail (MIME), PEM certificates, HTTP headersJWT tokens, URL query params, cookie values

Rule of thumb: if the Base64 string will appear in a URL, query parameter, filename, or cookie, always use the URL-safe variant to avoid percent-encoding conflicts and parsing errors.

Data URIs: When to Embed, When Not To

Embed with Data URIs

  • Icons & logos under 10 KB — eliminates an HTTP request
  • CSS background images in critical-path stylesheets
  • HTML email templates where external images are often blocked
  • Single-file HTML exports and documentation

Avoid Data URIs For

  • Images over 20 KB — bloats HTML/CSS and defeats caching
  • Frequently reused assets — external URLs cache independently
  • Dynamic or user-uploaded content — serve from CDN instead
  • Performance-critical pages — inline data increases parse time

Where Base64 Is Used in Production

  • JWT Authentication

    JSON Web Tokens encode their header and payload as URL-safe Base64 segments, allowing claims like user ID and expiration to travel safely in HTTP Authorization headers.

  • HTTP Basic Auth

    The Authorization: Basic header transmits credentials as a Base64-encoded username:password string. Every API client from cURL to Postman uses this scheme.

  • Email Attachments (MIME)

    SMTP was built for 7-bit ASCII text. MIME uses Base64 to encode PDFs, images, and binary attachments so they survive transit through email servers.

  • PEM Certificates & SSH Keys

    SSL/TLS certificates (.pem, .crt) and SSH public keys are stored as Base64-encoded DER binary data wrapped in -----BEGIN CERTIFICATE----- delimiters.

  • Canvas & Image Processing

    The HTML Canvas API's toDataURL() method exports rendered graphics as Base64 data URIs, enabling client-side image manipulation, cropping, and watermarking.

  • Local Storage & IndexedDB

    Browsers' text-only storage APIs require Base64 encoding to persist binary data like cached thumbnails, audio clips, or offline document previews.

Frequently Asked Questions

Quick answers to common questions

Base64 is a binary-to-text encoding scheme that converts binary data into a set of 64 printable ASCII characters (A–Z, a–z, 0–9, +, /). It's widely used to safely transmit binary data — like images, files, or authentication tokens — over text-based protocols such as HTTP, email (MIME), and JSON APIs.
Common use cases include embedding images in HTML/CSS (data URIs), encoding API authentication credentials (HTTP Basic Auth), transmitting binary data in JSON payloads, encoding email attachments (MIME), and storing binary data in text-only formats like XML or CSV.
Standard Base64 uses + and / characters with = padding. URL-safe Base64 replaces + with - and / with _, and removes trailing = padding. URL-safe is necessary when Base64 strings appear in URLs, query parameters, or filenames where + and / have special meaning.
No. Base64 is an encoding scheme, not encryption. It transforms data into a different representation but provides zero security. Anyone can decode Base64 back to the original data instantly. Never use Base64 as a security measure — use proper encryption (AES, RSA) for sensitive data.
Base64 encoding increases data size by approximately 33%. Every 3 bytes of input become 4 bytes of Base64 output. For example, a 1 MB file becomes roughly 1.33 MB when Base64-encoded. This overhead is the trade-off for being able to transmit binary data as text.
Yes. All encoding and decoding happens entirely in your browser using client-side JavaScript. Your data is never sent to any server, stored, or logged. The tool is completely stateless and private — you can safely use it with API keys, tokens, and sensitive data.
Yes. This encoder properly handles UTF-8 multi-byte characters including accented letters (café, résumé), CJK characters, emoji, and all Unicode code points. Many basic Base64 tools break on non-ASCII characters — this one handles them correctly.
When Live Convert is enabled (default), the output updates in real-time as you type or paste. For very large inputs where real-time conversion might feel slow, you can disable it and manually trigger conversion. This gives you full control over when the conversion runs.
Yes. Click the swap button to instantly switch directions — the current output becomes the new input, and the mode flips from encode to decode (or vice versa). This is useful for verifying that a round-trip encode→decode produces the original text.
In web development, Base64 is used for embedding small images/icons directly in CSS (background-image: url(data:image/png;base64,...)), encoding JWT (JSON Web Token) payloads, HTTP Basic Authentication headers, sending file uploads via JSON APIs, and encoding binary data for localStorage or IndexedDB storage.
Switch to the 'Image / File / PDF' tab, then drag and drop your image or click to browse. The tool instantly converts it to Base64 and shows a preview. You can copy the raw Base64 string or the complete data URI (ready to paste into HTML <img> tags or CSS background-image). Supported formats include PNG, JPG, SVG, GIF, WebP, and ICO.
Yes. The file mode accepts PDF files of any size. Simply drop your PDF onto the upload area and the tool will generate the Base64 output instantly. You can copy the raw Base64 or the data URI format (data:application/pdf;base64,...) for embedding PDFs in web applications.
A Data URI is a string that embeds the file content directly in HTML or CSS using the format data:[mime-type];base64,[base64-data]. Use data URIs for small assets (under 10–20 KB) like icons and logos to eliminate additional HTTP requests. For larger files, a regular URL is more efficient since data URIs increase the HTML/CSS file size and cannot be cached independently.

Disclaimer

This tool is provided “as is” for informational and utility purposes only. While we strive for accuracy, Zutily makes no warranties regarding the completeness, reliability, or suitability of the output for any specific purpose. All processing is stateless — we do not store, log, or share any data you enter. Use the results at your own discretion. For security-critical applications, always verify outputs independently.

Found this tool helpful?

Share it with your friends and colleagues