ToolCrispToolCrisp
Format GuideMarch 8, 2026

What Is Base64 Encoding? A Plain-English Guide

A clear explanation of Base64 encoding — what it is, how it works, and where it is used in web development, emails, and APIs.

TL;DR

Base64 converts binary data (images, files) into safe ASCII text so it can travel through systems that only handle text. It is not encryption — anyone can decode it. Use the Base64 encoder or decoder to convert text instantly in your browser.

What Is Base64?

Base64 is an encoding scheme that represents binary data as a string of ASCII characters. The name comes from the 64 characters used in the encoding: A–Z, a–z, 0–9, plus + and / (with = for padding).

The core problem Base64 solves: many protocols (email, HTTP headers, JSON) were designed for text and choke on raw binary bytes. Base64 converts any binary data — images, PDFs, audio — into a safe string that travels through text-only channels without corruption.

Text: Hello

Base64: SGVsbG8=

How Does It Work?

Base64 takes every 3 bytes of binary data and maps them to 4 printable characters. This 3-to-4 ratio means Base64-encoded data is always about 33% larger than the original. The process is fully reversible — decoding recovers the exact original bytes.

Think of it like converting a binary file into a very long word that only uses the 64 safe characters. The “word” can be stored in a database text field, placed inside a JSON string, or sent in an HTTP header without any special handling.

Where Is Base64 Used?

Inline images in CSS / HTML

Instead of a separate image request, you can embed a small image directly in CSS or HTML using a data URI:

background-image: url("data:image/png;base64,iVBORw0KGgo...")

Use the Image to Base64 converter to get the data URI from any image file.

JSON Web Tokens (JWTs)

A JWT has three parts separated by dots. Each part is Base64URL-encoded (a variant of Base64 safe for URLs). The first two parts — header and payload — are just Base64-encoded JSON. You can decode them in any Base64 decoder to read the claims inside.

Email attachments (MIME)

SMTP (email protocol) was originally text-only. Email clients Base64-encode attachments so binary files can travel as text through mail servers. MIME encoding wraps attachments in Base64 blocks.

HTTP Basic Authentication

The Authorization: Basic header encodes credentials as username:password in Base64. This is not secure on its own — it is just encoding, not encryption. Always use HTTPS.

API payloads and configuration

Many APIs accept file uploads as Base64 strings inside JSON rather than multipart form uploads. Some configuration systems (Kubernetes secrets, environment variables) store binary credentials as Base64.

Is Base64 Secure?

No. Base64 is an encoding, not encryption. Anyone who can see the Base64 string can decode it instantly — there is no key, no password, no secret. Never use Base64 to protect sensitive data. If you need security, use proper encryption (AES, RSA) or HTTPS transport.

Free Base64 Tools

Related Tools

Base64 EncodeBase64 DecodeImage To Base64