How to Encode and Decode Base64
If you have ever pasted a long, jumbled string that ends in one or two equals signs, you have met Base64. It is one of the most common ways to package text or data so it survives travel through systems that only expect plain, printable characters — email headers, JSON payloads, data URIs, config files, and more. Knowing how to base64 encode and decode is a small skill that quietly saves a lot of time.
This guide explains what Base64 actually does, when you would reach for it, and how to encode and decode text in a few seconds using Tooldrop's Base64 Encoder / Decoder at /dev/base64. It is free, needs no sign-up, has no limits, and runs entirely in your browser — so the text you paste is never uploaded to a server.
Step by step
- 1Open the Base64 Encoder / Decoder at /dev/base64 — no sign-up or install needed.
- 2Pick a mode using the buttons at the top: choose Encode to turn plain text into Base64, or Decode to turn Base64 back into readable text.
- 3Paste or type your content into the input box. In Encode mode it is labelled 'Plain text'; in Decode mode it is labelled 'Base64 text'.
- 4Watch the Result panel update live as you type — there is no button to press to run the conversion.
- 5Check for a friendly error message if you are decoding: invalid Base64 or non-text data is flagged clearly instead of producing garbage.
- 6Click Copy to put the result on your clipboard, then paste it wherever you need it.
- 7Switch modes any time to reverse the operation — encode something, then hit Decode to confirm it round-trips back to the original.
What Base64 actually is (and isn't)
Base64 is an encoding, not encryption. It takes raw bytes and represents them using only 64 safe, printable characters (A–Z, a–z, 0–9, plus + and /), often padded with = at the end. The point is portability: many older protocols and text-only fields can mangle special characters, control bytes, or binary data, so wrapping everything in this limited alphabet guarantees it arrives intact.
Because it is reversible by anyone, Base64 offers zero security on its own. Encoding a password or API key in Base64 hides it from a casual glance but protects nothing — anyone can decode it instantly. Use it for transport and embedding, never as a way to keep secrets. One side effect to remember: Base64 output is about 33% larger than the original, since every 3 bytes become 4 characters.
When you'll want to base64 encode or decode
The most common reasons people reach for Base64 encode and decode are embedding and inspecting. Data URIs let you inline a small image or font directly in HTML or CSS as a data:...;base64,... string, avoiding an extra network request. Email attachments are Base64-encoded under the hood. Many JSON APIs accept binary blobs as Base64 fields, and JWT tokens are made of Base64url segments.
On the decode side, you might be debugging — pulling a value out of a log, a token, or a config file and wanting to read what it really says. Pasting it into a decoder turns the noise back into human-readable text in a moment, which is far quicker than reasoning about it by hand.
Unicode, emoji, and accents handled correctly
A classic trap with Base64 in the browser is that the built-in btoa/atob functions only understand Latin-1, so anything outside that range — accented letters, emoji, non-Latin scripts — either throws an error or silently corrupts. Tooldrop's tool sidesteps this by converting your text to and from UTF-8 bytes first, so 'café', '日本語', and '🎉' all encode and decode cleanly and round-trip back to exactly what you started with.
When decoding, the tool also validates the result. If the input isn't valid Base64, or the decoded bytes aren't valid UTF-8 text, you get a clear, friendly message instead of a wall of broken characters — so you know to check your input rather than trust a bad result.
Private by design: nothing leaves your browser
Everything in the Base64 Encoder / Decoder happens on your device. The conversion runs in JavaScript right in the page, so the text you paste is never sent to a server, never stored, and never logged. That makes it genuinely safe to inspect or encode internal strings, tokens, and other sensitive snippets.
Tooldrop is a hub of free, browser-based tools built this way on purpose: no sign-up, no usage limits, and most tools process files and text on-device so they are never uploaded. If you found this useful, related dev tools like the URL Encoder at /dev/url-encoder, JWT Decoder at /dev/jwt-decoder, and Image to Base64 at /image/to-base64 work the same private way.
Frequently asked questions
Is Base64 a form of encryption?
Does the tool handle emoji and accented characters?
Is my text uploaded anywhere when I encode or decode?
Why am I getting an error when I decode?
Tools used in this guide
Related guides
Paste any JSON Web Token to read its header and payload in seconds — free, private, and entirely in your browser.
Paste messy JSON, beautify or minify it, and catch errors instantly with this free in-browser JSON formatter.
Paste a JSON array of objects and get clean, spreadsheet-ready CSV in seconds — free, private, and entirely in your browser.