What Is Base64 Encoding and How Does It Work?

Base64 is an encoding scheme that converts binary data into a string of printable ASCII characters. It appears constantly in web development — in data URIs for images embedded in HTML and CSS, in HTTP Basic Authentication headers, in JSON Web Tokens, in email attachments, and in any API payload that needs to carry binary content through a system designed for text.

Understanding Base64 removes the mystery from things like why a JWT looks like a long random string, why embedded images in HTML start with iVBOR, and why auth headers look nothing like the credentials you typed. Use our Base64 Encoder and Base64 Decoder to encode or decode any string or file instantly.

The internet was built on protocols designed for plain text — SMTP (email), HTTP, XML, JSON, and HTML all handle text reliably. The problem is binary data: image files, audio, executables, and compressed archives contain byte values that text protocols can misinterpret as control characters, end-of-file markers, or formatting signals.

Values like 0 (null byte), 10 (line feed), 13 (carriage return), and bytes above 127 all have special meaning in various text systems. Base64 solves this by representing any binary data using only 64 safe ASCII characters: uppercase A-Z (26 characters), lowercase a-z (26 characters), digits 0-9 (10 characters), plus and slash (2 characters). The equals sign = is used as padding. These 65 characters are universally safe in every text-based system.

The trade-off is a 33% size increase. Every 3 bytes of binary data becomes 4 Base64 characters. For most applications this is acceptable — the alternative is data corruption during transmission. When size matters, gzip compression applied before or after encoding can recover most of this overhead.

The encoding process takes binary input three bytes at a time — 24 bits total — and splits those 24 bits into four groups of 6 bits each. Each 6-bit value (ranging from 0 to 63) maps to one character in the Base64 alphabet table.

Example: encoding the word "Man" M = 01001101, a = 01100001, n = 01101110 Combined 24 bits: 010011010110000101101110 Split into 6-bit groups: 010011 | 010110 | 000101 | 101110 Decimal values: 19, 22, 5, 46 Base64 alphabet mapping: T, W, F, u Final result: "TWFu"

When the input is not divisible by 3, padding is added: One remaining byte: two Base64 characters + == Two remaining bytes: three Base64 characters + = This padding ensures the output length is always a multiple of 4, which simplifies decoding on the receiving end.

You can embed images directly in HTML or CSS without a separate HTTP request using a data URI. The browser decodes and renders the image immediately, without making a network request. This is exactly what our Image to Base64 tool does — it converts your uploaded image into a ready-to-paste data URI.

Format: data:[media-type];base64,[encoded-data] Example: <img src="data:image/png;base64,iVBORw0KGgo...">

Use data URIs for images under 5KB where eliminating an HTTP request improves load time. For larger images, the 33% size overhead and loss of browser caching outweigh the benefit. Large images should be served as separate files from a CDN. If your site has SSL issues that affect image loading, check them with our SSL Lookup tool.

The Authorization header encodes credentials as Base64: Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=

Decoding that gives username:password. Base64 provides zero security — anyone can decode it instantly without a key. What makes Basic Auth safe is HTTPS, which encrypts the entire HTTP exchange including all headers. Never use Basic Auth over plain HTTP. You can verify HTTPS is configured correctly on your domain with our SSL Lookup tool.

JWTs use Base64URL — a URL-safe variant that replaces + with - and / with _, and omits = padding. A JWT is three Base64URL sections joined by dots: header.payload.signature. The header and payload are readable by anyone who decodes them. The signature verifies the token was not tampered with. Base64URL is transport formatting, not security.

Email protocols handle plain text. Binary files — PDFs, images, spreadsheets — are Base64-encoded before being attached. Your email client handles this automatically. The encoding explains why email attachments are slightly larger than the original files and why email with many attachments takes longer to download.

JSON is text-only and cannot carry raw binary. When an API needs to transmit images or files in a JSON payload, Base64 encoding is the standard approach. The file is encoded to a string, included in the JSON, sent over the wire, and decoded by the receiver. For very large files, multipart form data upload is more efficient, but Base64 in JSON is the dominant approach for small files and images in REST APIs.

btoa("hello") gives "aGVsbG8=" atob("aGVsbG8=") gives "hello" Note: btoa() only handles Latin-1 characters. For full Unicode support, encode text to UTF-8 bytes first before calling btoa().

Buffer.from("hello").toString("base64") gives "aGVsbG8=" Buffer.from("aGVsbG8=", "base64").toString() gives "hello"

import base64 base64.b64encode(b"hello") returns b"aGVsbG8=" base64.b64decode("aGVsbG8=") returns b"hello"

base64_encode("hello") returns "aGVsbG8=" base64_decode("aGVsbG8=") returns "hello"

For working with images specifically, our Base64 to Image tool lets you paste a Base64 string and preview or download the resulting image directly in your browser without writing any code.