What Base64 Is, In One Paragraph
Base64 is a way to represent binary data — bytes that aren't necessarily printable text — using only 64 ASCII characters that any system can handle: A-Z, a-z, 0-9, plus + and /. It's not encryption. It's not compression. It's a translation that turns binary into something safe to put in a URL, an email body, a JSON string, or anywhere else that expects plain text. Decoding reverses the translation.
Every three bytes of input become four characters of output, padded with = to keep the length aligned. That's why a Base64-encoded string is always 33-37% longer than the original.
How the Microapp Encoder/Decoder Works
Paste any text into the input box and the encoded version appears instantly in the output. The conversion happens in your browser — your text never touches our servers. To decode, switch the direction toggle and paste your Base64 string; the original text reappears.
The tool handles UTF-8 input correctly, which matters more than people realize. Native JavaScript btoa() breaks on Unicode (try encoding "café" — it throws). Microapp's encoder converts to UTF-8 bytes first, then applies Base64, so emoji, accented characters, and non-Latin scripts all round-trip cleanly.
Hello!Step 1: bytes are
72 101 108 108 111 33 (ASCII).Step 2: regroup into 6-bit chunks:
010010 000110 010101 101100 011011 000110 111100 100001.Step 3: each 6-bit chunk maps to a Base64 char:
SGVsbG8h. Done.
What Base64 Is Used For
Embedding images directly in HTML or CSS via data:image/png;base64,... URLs — the image lives inside the page, no separate HTTP request. Useful for tiny icons or single-page documents that need to work offline.
Authorization headers. Basic auth in HTTP literally Base64-encodes username:password and sends it. Not secure on its own — it's only a thin obfuscation layer over the wire — which is why Basic auth is paired with HTTPS in practice.
Email attachments. The MIME spec uses Base64 for any binary attachment because the SMTP protocol historically only handled 7-bit ASCII. Even modern email still encodes attachments this way.
JSON payloads carrying binary data. APIs that accept files in a JSON body usually want them Base64-encoded so they fit inside the string field.
What Base64 Is NOT
It's not encryption. Anyone can decode a Base64 string with two lines of code or this tool. If you're "encoding sensitive data" with Base64 alone, the data isn't protected — it's just dressed up in a different costume. Use real encryption (AES, RSA) when you need confidentiality.
It's not compression. Base64 always makes data bigger, never smaller. The 33% overhead is the price of staying inside ASCII.
It's not a hash. A hash is one-way (you can't recover the input from the output). Base64 is fully reversible — the whole point is that you can decode it back.
Common Pitfalls
URL-safe Base64. The standard alphabet uses + and /, both of which have meaning inside URLs and need percent-encoding. URL-safe Base64 swaps them for - and _ and drops the = padding. If a Base64 string from a JWT or OAuth token won't decode, check whether it's URL-safe variant.
Line breaks. Some Base64 outputs (especially MIME) include line breaks every 76 characters. Most decoders strip them, but a strict decoder might reject the input. The Microapp decoder strips whitespace before decoding.
Padding. A valid Base64 string's length is always a multiple of 4. Strings ending in == had 1 input byte in the final group; = meant 2 bytes; no padding meant 3 bytes. Some implementations omit padding — most decoders handle the missing padding, but it can trip up strict ones.
Related Tools
If you need to encode characters for a URL specifically (not arbitrary binary), try the URL Encoder/Decoder. For one-way hashes that can't be reversed, the MD5 Hash Generator or SHA-256 Generator are the right tools. To encode HTML special characters like < and > as entities, use the HTML Encoder/Decoder.