Base64 Encode/Decode

Base64 is an encoding scheme that represents binary data using 64 printable ASCII characters. Its core purpose is not secrecy, but safe passage: it lets byte content that would otherwise break plain-text channels move through email, form fields, configuration snippets, JWT components, Data URIs, and other text-only boundaries. This is why Base64 remains a high-frequency baseline tool in RFC 4648, MIME specifications, and everyday development, debugging, and content-transmission workflows.

Base64 encoding algorithm principles

The Base64 principle is straightforward: it rechunks raw bytes into 6-bit blocks suitable for text mapping, then outputs results according to a fixed character table. What really needs explanation is not algorithm complexity, but whether you are currently processing raw bytes, text content, Base64URL fragments, or Data URIs with MIME prefixes.

1. Split input data into groups of 3 bytes each.
2. Regroup these 3 bytes (24 bits total) into 4 blocks of 6 bits each.
3. Map each 6-bit value (range 0-63) to the Base64 character table.
4. If the last group has fewer than 3 bytes, pad with 0 bits and append the appropriate number of `=` characters as padding.

Base64 character set: A-Z, a-z, 0-9, +, /
Padding character: =

How to use this tool

1. Choose whether you want to encode plain text to Base64 or decode copied Base64 back to readable text.
2. Paste a UTF-8 text sample or a complete Base64 string and review padding, character encoding, or URL-safe differences.
3. Copy the encoded or decoded result only after the output matches the exact bytes or visible text you expect.

Classic example: why does "Man" become "TWFu"

ASCII codes for "Man": 77 97 110
Binary representation: 01001101 01100001 01101110
Regrouped into 6-bit blocks: 010011 010110 000101 101110
Decimal values: 19 22 5 46
Base64 result: T W F u

Simplified JavaScript implementation example

The purpose of this example code is not to replace the browser's built-in API, but to give you a more intuitive understanding of the 3-byte to 4-Base64-character conversion process.

function encodeBase64Simple(bytes) {
  const alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
  let output = "";

  for (let i = 0; i < bytes.length; i += 3) {
    const b1 = bytes[i];
    const b2 = i + 1 < bytes.length ? bytes[i + 1] : 0;
    const b3 = i + 2 < bytes.length ? bytes[i + 2] : 0;
    const triplet = (b1 << 16) | (b2 << 8) | b3;

    output += alphabet[(triplet >> 18) & 0x3f];
    output += alphabet[(triplet >> 12) & 0x3f];
    output += i + 1 < bytes.length ? alphabet[(triplet >> 6) & 0x3f] : "=";
    output += i + 2 < bytes.length ? alphabet[triplet & 0x3f] : "=";
  }

  return output;
}

Common use cases

• MIME email attachments or other binary data that needs to travel over pure-text transport.
• URL-safe Base64URL variant scenarios, such as JWT header and payload components.
• Embedding small images or font data into HTML or CSS as Data URIs.
• Carrying byte content unsuitable for direct exposure inside XML, JSON, or configuration snippets.
• Quickly checking whether copied token fragments, response payloads, or log data are simply Base64-wrapped.

Advanced boundaries and common misconceptions

The genuinely tricky Base64 problems are rarely about the algorithm itself — they arise at boundary contexts: whether standard Base64 and Base64URL are being mixed, whether the Data URI prefix is complete, whether line breaks in MIME contexts are being preserved, and what character encoding the text was using before entering the encoder. These issues present as 'decoding failed' or 'garbled output', but are almost always a context mismatch.

• Base64URL replaces `+` and `/` with `-` and `_`, and sometimes omits padding, so it cannot always be fed directly into a strict standard Base64 decoder.
• Base64 increases data size by roughly one third on average, so it trades transmission convenience for storage efficiency.
• Base64 is not encryption. Anyone who has the content can restore the original bytes without any key.
• Base64 for large files significantly increases memory and processing costs, especially in browser and frontend payload contexts.
• If the result ultimately needs to go into a Data URI, JWT, or other specific container, the surrounding syntax and prefix are often just as important as the encoded value itself.

Base64 compared with other encodings

Practical Notes

• Review padding, character encoding, URL-safe variants, line breaks, and whether the content is actually encrypted elsewhere before you reuse the Base64 text or decoded plain text ready for inspection.
• Base64 is reversible encoding, not encryption; do not treat decoded or encoded output as protected secret storage.
• Keep the original plain text, copied Base64 strings, token fragments, data snippets, and UTF-8 content available when the result affects production work or customer-visible content.

Base64 Encode/Decode reference

Base64 Encode/Decode should explain the algorithm, common uses, character-set handling, and how Base64 differs from encryption.

• Base64 groups every 3 original bytes into 24 bits, splits them into 4 chunks of 6 bits, then maps each chunk to a 64-character alphabet.
• When the input length is not divisible by 3, `=` padding is added so the output length stays aligned to 4 characters.
• It is reversible and should not be used to protect secrets by itself.
• Character encoding matters when converting non-ASCII text; UTF-8 is the safest default.

References

• RFC 4648: Base-N Encodings
• MDN: Window.atob()