Why is the base64 output always longer than the input?

Because base64 packs **3 bytes of input into 4 characters of output**. The ratio is exactly **4/3**, so the output is about **33% bigger** than the input. For 100 bytes of text you get roughly 134 characters of base64. The size stat at the bottom of the tool shows the exact ratio for your input. This is the price of staying inside a safe character set.

What is the URL-safe variant?

Standard base64 uses **`+`** and **`/`** as two of its 64 characters, plus **`=`** for padding. Those three characters all have **special meaning in URLs**: `+` becomes a space, `/` is a path separator, `=` is used for query strings. So plain base64 inside a URL gets mangled. The **URL-safe variant** (RFC 4648 section 5) makes two substitutions: - **`+`** becomes **`-`** - **`/`** becomes **`_`** - **`=`** padding is dropped The result is safe to drop into a URL, a filename or a JSON Web Token without any escaping.

My decoded text shows weird characters. Why?

Almost always one of three things. **One**, the input is **not actually base64** (a stray space, a missing character, a typo). The tool will show a red banner in that case. **Two**, the input is base64 but the bytes inside are **not UTF-8 text** (could be a binary file, an image, a compressed blob). This tool decodes assuming UTF-8 because it is the modern default. **Three**, the source used a **different text encoding** (Windows-1250, ISO-8859-2). For that case you need a tool that exposes a charset switch, this one is UTF-8 only.

What does the `=` at the end mean?

Padding. Base64 works in groups of 3 input bytes. When your input length is **not a multiple of 3**, the encoder fills the missing bytes with zeros and marks the fakes with **`=`** signs. **One `=`** means the original input had 2 leftover bytes. **Two `==`** means it had 1 leftover byte. The padding lets a decoder check the input length is consistent, **but it is optional**: most modern parsers accept base64 without padding (URL-safe variant drops it by default).

Does this tool send my text anywhere?

**No.** All encoding and decoding runs in your browser, using the native **`TextEncoder`**, **`btoa`** and **`atob`** APIs. Open DevTools, watch the **Network** tab, type into the box: zero requests. The text never leaves your machine. Safe to use for passwords, tokens, internal config and anything else you would not want logged on a server.

Can I encode a file (image, PDF) with this tool?

Not directly, this tool is for **text only**. For images use our dedicated image to base64 converter, which accepts file drops and produces a **`data:image/png;base64,...`** URI ready to paste into CSS or HTML. For other binary files (PDF, audio, archives) you would copy the bytes through a hex editor or a small script, base64 is the same format underneath, just the **input handling** differs.

Why do JWTs look like base64 but break when I paste them here?

JWTs use **URL-safe base64 without padding**, and the token is actually **three parts joined by dots**: header, payload, signature. If you paste the whole token the decoder will choke on the dots. Split the token by **`.`** and decode each part separately. The signature is binary, the header and payload are JSON. This tool detects the URL-safe variant automatically, so you do not need to flip any switch.

What does "line wrap at 76 chars" do and when do I need it?

Old email standards (**RFC 2045**, MIME) require body lines to be **at most 76 characters long**. SMTP servers from the 1990s would reject longer lines. Modern mail clients are fine with one big line, but if you are **debugging a raw email** or producing a **PEM-style certificate**, the line wrap toggle gives you the classic format. For URLs, JSON and tokens leave it off.

Base64 Encoder - free | YourDevTools

What is base64 and when do you actually need it?

Base64 is a way to pack any text or bytes into a safe set of 64 characters (A-Z, a-z, 0-9 and two extras). It is the format you reach for whenever something has to travel through a place that only accepts plain text: a URL, a JSON field, an email header, a JWT, an XML attribute.

This tool does the boring part for you in the browser:

Encode: type any text, get the base64 string. Full UTF-8 support, so Polish letters, emoji, Chinese characters all encode correctly.
Decode: paste base64, get the original text back. The tool auto-detects the URL-safe variant (where `+` becomes `-` and `/` becomes `_`).
URL-safe switch for tokens that need to live in a URL without breaking it.
76-character line wrap for old MIME-style email bodies.

Live conversion as you type, byte counts and a size ratio on the side. Everything runs in your browser, nothing is uploaded.

How to use it

Pick a direction: Encode turns text into base64. Decode turns base64 back into text.
Type or paste into the input box. The result updates live, no button needed.
In Encode mode flip URL-safe if the output will sit in a URL or a filename. The tool swaps `+` and `/` for `-` and `_` and drops the `=` padding.
Flip Line wrap at 76 chars for MIME-friendly output (old email standards expect it).
In Decode mode the tool auto-detects URL-safe input by its character set, you do not need to switch anything.
Use Copy to grab the output, or Swap to run the result back through the other direction (handy when debugging).
Below the result you see input size, output size and ratio (base64 is always about 1.33x larger than the source).

When this is useful

Six everyday situations where base64 is the right answer:

Encoding a token for a URL. You have a session id or a one-time code and need to drop it into a link. Plain bytes break URLs. URL-safe base64 (with `-` and `_`, no padding) survives copy-paste, email clients and link previews.
Reading a JWT by hand. A JSON Web Token is just three base64-encoded parts joined by dots. Paste the middle part here in Decode mode and you instantly see the payload claims (issuer, expiry, user id). Or skip the manual split with the JWT decoder.
Stuffing data into a JSON payload. The API accepts JSON only. You need to send a config blob, a chunk of XML or a signed message. Base64-encode it once, drop it into a string field, no escaping headaches.
Debugging an email header. SMTP headers (subject, from, attachment names with non-ASCII) often arrive as `=?UTF-8?B?...?=`. Paste the base64 part here to see what the sender actually wrote.
Recovering text from a backup. Some export tools wrap user input in base64 to avoid character encoding issues. Decode it here and you have the original text back, with emoji and accents intact.
Sending Unicode through a legacy system. An older API treats everything as ASCII. Base64-encode your UTF-8 text on the way in, decode it on the way out, and accented letters and emoji survive the trip.

If you actually need a URL-safe escape for query parameters (not data transport), use the URL encoder. For HTML-context escaping (`<`, `&`, `"` on a page), use the HTML entities encoder.

Questions and answers

No. Base64 is a format, not a secret. Anyone with the string can decode it in one click (this tool does it). It hides values from a casual glance, but it gives zero protection against anyone who actively reads the data. If you need secrecy use proper encryption (AES, age, libsodium). Base64 is for transport, encryption is for privacy.

What is base64 and when do you actually need it?

This tool does the boring part for you in the browser:

Encode: type any text, get the base64 string. Full UTF-8 support, so Polish letters, emoji, Chinese characters all encode correctly.
Decode: paste base64, get the original text back. The tool auto-detects the URL-safe variant (where `+` becomes `-` and `/` becomes `_`).
URL-safe switch for tokens that need to live in a URL without breaking it.
76-character line wrap for old MIME-style email bodies.

Live conversion as you type, byte counts and a size ratio on the side. Everything runs in your browser, nothing is uploaded.

How to use it

Pick a direction: Encode turns text into base64. Decode turns base64 back into text.

Type or paste into the input box. The result updates live, no button needed.

In Encode mode flip URL-safe if the output will sit in a URL or a filename. The tool swaps `+` and `/` for `-` and `_` and drops the `=` padding.

Flip Line wrap at 76 chars for MIME-friendly output (old email standards expect it).

In Decode mode the tool auto-detects URL-safe input by its character set, you do not need to switch anything.

Use Copy to grab the output, or Swap to run the result back through the other direction (handy when debugging).

Below the result you see input size, output size and ratio (base64 is always about 1.33x larger than the source).

When this is useful

Six everyday situations where base64 is the right answer:

Encoding a token for a URL. You have a session id or a one-time code and need to drop it into a link. Plain bytes break URLs. URL-safe base64 (with `-` and `_`, no padding) survives copy-paste, email clients and link previews.
Reading a JWT by hand. A JSON Web Token is just three base64-encoded parts joined by dots. Paste the middle part here in Decode mode and you instantly see the payload claims (issuer, expiry, user id). Or skip the manual split with the JWT decoder.
Stuffing data into a JSON payload. The API accepts JSON only. You need to send a config blob, a chunk of XML or a signed message. Base64-encode it once, drop it into a string field, no escaping headaches.
Debugging an email header. SMTP headers (subject, from, attachment names with non-ASCII) often arrive as `=?UTF-8?B?...?=`. Paste the base64 part here to see what the sender actually wrote.
Recovering text from a backup. Some export tools wrap user input in base64 to avoid character encoding issues. Decode it here and you have the original text back, with emoji and accents intact.
Sending Unicode through a legacy system. An older API treats everything as ASCII. Base64-encode your UTF-8 text on the way in, decode it on the way out, and accented letters and emoji survive the trip.

If you actually need a URL-safe escape for query parameters (not data transport), use the URL encoder. For HTML-context escaping (`<`, `&`, `"` on a page), use the HTML entities encoder.

Questions and answers

Base64 Encoder

What is base64 and when do you actually need it?

How to use it

When this is useful

Questions and answers

Related tools

Image to Base64

URL encoder and decoder

JWT decoder

Base64 Encoder

What is base64 and when do you actually need it?

How to use it

When this is useful

Questions and answers

Related tools

Image to Base64

URL encoder and decoder

JWT decoder