Turn any text into Base64
If you’ve ever needed to stuff a password into an HTTP header, embed a small image in CSS, or create a Kubernetes secret, you’ve dealt with Base64. The gist is simple: take your text, convert it to bytes, and represent those bytes using 64 safe ASCII characters that won’t get mangled by email servers, URL parsers, or JSON serializers.
Paste your text here, click encode, and you get a Base64 string ready to drop into your code. Done.
The Unicode problem (and why btoa isn’t enough)
Here’s something that trips people up. JavaScript’s built-in btoa() function chokes on anything outside the Latin-1 range. Try encoding an emoji or a Chinese character and you’ll get an error. This tool converts your input to UTF-8 bytes first, then applies Base64, so emojis, Arabic, CJK characters, and everything else come through perfectly.
All processing stays in your browser. Nothing gets uploaded anywhere.
Where Base64 encoding actually gets used
HTTP Basic Auth is the classic example. Your username:password gets Base64-encoded and stuck in the Authorization header as Basic dXNlcjpwYXNz. It’s not secure on its own (that’s what TLS is for), but it’s how the spec works.
Kubernetes secrets might be the most tedious use case. Every value in a K8s secret manifest needs to be Base64-encoded. echo -n "my-password" | base64 gets old fast.
Data URIs let you embed small images directly in HTML or CSS: background-image: url('data:image/png;base64,...'). It saves an HTTP request at the cost of ~33% larger payload. Good for tiny icons, bad for hero images. For encoding actual image files, there’s the Base64 Image Encoder.
You’ll also see Base64 in MIME email attachments, JSON payloads carrying binary data, and auth tokens of all kinds.
The 33% overhead trade-off
Under the hood, every 3 bytes of input become 4 bytes of output. The alphabet is A-Z, a-z, 0-9, +, /, with = for padding. That 33% size increase is the price you pay for text-safe representation. For a 100-byte API key it’s irrelevant. For a 5MB image, maybe reconsider.
There’s also Base64URL: same idea but with - instead of + and _ instead of /, no padding. That’s what JWTs use. This tool outputs standard Base64.
To reverse the process, grab the Base64 Decoder.
FAQ
Does my text leave the browser?
Nope. Client-side JavaScript, no server calls. Safe for passwords, API keys, whatever.
Unicode and emojis work?
Yes, full UTF-8 support. The tool handles the encoding pipeline correctly, unlike btoa.
How much bigger is the output?
About 33%. Three input bytes become four output characters. Plus up to 2 padding characters at the end.
Base64 vs Base64URL?
Standard Base64 uses + and /. Base64URL swaps those for - and _ and usually drops the = padding. JWTs, URL parameters, and filenames tend to use Base64URL. This tool produces standard Base64.