What is Base64 Encoding?

Base64 is a binary-to-text encoding scheme that converts binary data into a string of printable ASCII characters. It is not encryption — it is a way to safely transport binary data over channels that only handle text.

How Base64 Encoding Works

Base64 works by taking binary input and processing it in groups of 3 bytes (24 bits). Each group is split into four 6-bit values. Since 2⁶ = 64, each 6-bit value maps to one of 64 printable characters. This is where the name "Base64" comes from.

Let's trace through an example encoding the string Man:

M        a        n
01001101 01100001 01101110   ← 3 bytes = 24 bits

Split into four 6-bit groups:
010011  010110  000101  101110
  19      22      5      46

Look up in alphabet:
  T       W       F      u   →  "TWFu"

So Man encodes to TWFu. Every 3 input bytes produce exactly 4 output characters.

The 64-Character Alphabet

The standard Base64 alphabet (defined in RFC 4648) maps 6-bit values 0–63 to these characters:

Value  Char   Value  Char   Value  Char   Value  Char
  0     A      16     Q      32     g      48     w
  1     B      17     R      33     h      49     x
  2     C      18     S      34     i      50     y
  3     D      19     T      35     j      51     z
  4     E      20     U      36     k      52     0
  5     F      21     V      37     l      53     1
  6     G      22     W      38     m      54     2
  7     H      23     X      39     n      55     3
  8     I      24     Y      40     o      56     4
  9     J      25     Z      41     p      57     5
 10     K      26     a      42     q      58     6
 11     L      27     b      43     r      59     7
 12     M      28     c      44     s      60     8
 13     N      29     d      45     t      61     9
 14     O      30     e      46     u      62     +
 15     P      31     f      47     v      63     /

Characters 0–25 are uppercase A-Z, 26–51 are lowercase a-z, 52–61 are digits 0-9, and the final two are + and /.

Padding with =

Base64 processes input in 3-byte chunks. If the input length is not a multiple of 3, the final group is padded:

  • If 1 byte remains: two Base64 characters are emitted followed by ==
  • If 2 bytes remain: three Base64 characters are emitted followed by =

Input: "M"     →  Output: "TQ=="   (1 byte → 2 chars + "==")
Input: "Ma"    →  Output: "TWE="   (2 bytes → 3 chars + "=")
Input: "Man"   →  Output: "TWFu"   (3 bytes → 4 chars, no padding)

Padding ensures the output length is always a multiple of 4, which some decoders require. URL-safe Base64 often omits padding.
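
The grouping and padding rules above, written out as a small Python encoder (an added example, not code from the original page; the function names are illustrative):

```python
# Standard alphabet from RFC 4648 section 4 (the table above).
ALPHABET = (
    "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
    "abcdefghijklmnopqrstuvwxyz"
    "0123456789+/"
)


def six_bit_values(group: bytes) -> list:
    """Return the four 6-bit values of one full 3-byte group."""
    if len(group) != 3:
        raise ValueError("expected exactly 3 bytes")
    n = int.from_bytes(group, "big")  # 24 bits as one integer
    return [(n >> shift) & 0x3F for shift in (18, 12, 6, 0)]


def b64encode_manual(data: bytes) -> str:
    """Encode 3 bytes at a time into 4 characters, padding the tail."""
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        missing = 3 - len(chunk)  # 0, 1 or 2 bytes short in the last group
        # Zero-fill the short group so it still forms 24 bits.
        values = six_bit_values(chunk + b"\x00" * missing)
        symbols = [ALPHABET[v] for v in values]
        # Characters made only of fill bits are replaced by '='.
        if missing:
            symbols[-missing:] = "=" * missing
        out.extend(symbols)
    return "".join(out)


if __name__ == "__main__":
    print(six_bit_values(b"Man"))
    for sample in (b"M", b"Ma", b"Man"):
        print(sample, "->", b64encode_manual(sample))
```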

Size Overhead

Base64 always produces output that is approximately 33% larger than the original binary data:

  • 3 input bytes → 4 output characters (plus any whitespace or padding)
  • A 1 KB binary file becomes approximately 1.37 KB as Base64
  • A 1 MB image becomes approximately 1.37 MB as a Base64 data URI

This overhead is the main tradeoff when using Base64 for embedding images or transmitting binary payloads.

When to Use Base64

Base64 is the right tool when you need to transport binary data through a text-only channel:

  • Email attachments (MIME): Email was designed for ASCII text. SMTP uses Base64 to attach binary files.
  • Data URIs: Embedding images, fonts, or other assets directly in HTML or CSS without a separate HTTP request.
  • JSON and XML payloads: JSON cannot natively contain binary data — Base64-encode binary fields.
  • JWT (JSON Web Tokens): JWT headers and payloads are Base64URL-encoded JSON objects.
  • PEM certificates: TLS/SSL certificates and private keys in PEM format are Base64-encoded DER data.
  • HTTP Basic Authentication: The Authorization: Basic header carries username:password in Base64-encoded form.
  • CSS inlining: Background images and fonts can be embedded as Base64 data URIs to reduce HTTP requests.

Base64 is NOT Encryption

Important: Base64 is encoding, not encryption. Anyone can decode a Base64 string instantly without a key. Do not use Base64 to "protect" sensitive data — use proper encryption (AES, RSA) for that purpose.

A common mistake is assuming Base64-encoded passwords or tokens are hidden. They are not. Base64 exists purely to make binary data safe for text-based transport — not to add security.

Variants of Base64

Several Base64 variants exist for specific use cases:

  • Standard Base64 (RFC 4648 §4): Uses + and /, padded with =. The most common variant.
  • URL-safe Base64 (RFC 4648 §5): Replaces + with - and / with _. Padding is often omitted. Used in JWTs and URL parameters.
  • MIME Base64 (RFC 2045): Standard alphabet but splits output into 76-character lines with CRLF. Used in email.
  • Base64 with no padding: Omits trailing = characters. Common in compact tokens.

The URL-safe Base64 variant is particularly important for developers working with JWTs or OAuth tokens.
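
To make the "Base64 is NOT Encryption" point concrete and to show the unpadded URL-safe variant in practice, this added Python example (not from the original page) reads a Basic auth password and a JWT's claims with no key at all. The credentials and token are constructed samples, and the function names are illustrative.

```python
import base64
import json


def b64url_nopad(data: bytes) -> str:
    """URL-safe Base64 with the trailing '=' stripped, as JWTs use it."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


# Constructed sample inputs: not real credentials, not a validly signed token.
SAMPLE_BASIC = "Basic " + base64.b64encode(b"alice:s3cret").decode("ascii")
SAMPLE_JWT = ".".join(b64url_nopad(part) for part in (
    b'{"alg":"HS256","typ":"JWT"}',
    b'{"sub":"alice","admin":true}',
    b"constructed-signature-bytes",
))


def decode_basic_auth(header_value: str):
    """Recover (username, password) from an Authorization header value."""
    scheme, _, blob = header_value.partition(" ")
    if scheme.lower() != "basic":
        raise ValueError("not a Basic credential")
    # validate=True rejects characters outside the standard alphabet
    # instead of silently discarding them.
    raw = base64.b64decode(blob.strip(), validate=True)
    user, sep, password = raw.decode("utf-8").partition(":")
    if not sep:
        raise ValueError("missing ':' separator")
    return user, password


def b64url_decode(segment: str) -> bytes:
    """Decode URL-safe Base64 whose padding was omitted."""
    if len(segment) % 4 == 1:
        raise ValueError("impossible length for Base64")
    if "+" in segment or "/" in segment:
        raise ValueError("standard-alphabet character in URL-safe input")
    padded = segment + "=" * (-len(segment) % 4)
    return base64.b64decode(padded, altchars=b"-_", validate=True)


def read_jwt_claims(token: str) -> dict:
    """Return a JWT's payload WITHOUT checking its signature: no key needed."""
    _header, payload, _signature = token.split(".")
    return json.loads(b64url_decode(payload))
```

Reading the claims this way says nothing about whether the token is authentic; only signature verification does that.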


Frequently Asked Questions

Why is it called Base64?

Just as decimal numbers use base 10 (10 possible digit values) and binary uses base 2, Base64 uses base 64 — meaning 64 possible values per character position. Each 6-bit group maps to one of 64 characters.

Is Base64 compression?

No — Base64 expands data by ~33%, the opposite of compression. It is purely an encoding scheme for transport safety, not size reduction.

Can Base64 handle any binary data?

Yes. Base64 can encode any byte sequence, including images, PDFs, audio files, executables, and arbitrary binary data.

How do I decode a Base64 string?

Use the tool at base64.dev — paste your string and it auto-detects Base64 and decodes it instantly. Or use atob() in JavaScript, base64.b64decode() in Python, etc.
