logo
← Back to Blog

How to Encode and Decode Base64 (With Examples)

Published on February 7, 2026

What Is Base64?

Base64 is a binary-to-text encoding scheme that converts binary data into a string of 64 printable ASCII characters. It uses the characters A-Z, a-z, 0-9, plus (+), and slash (/), with = for padding. The encoding takes every three bytes of input and represents them as four Base64 characters, increasing the size by roughly 33%.

Base64 was originally designed for sending binary data through text-only channels like email (MIME) and Usenet. Today it remains widely used across web development for embedding images in HTML, passing data through URLs, and encoding credentials in HTTP headers.

Why Base64 Is Used

Email Attachments (MIME)

Email protocols were designed to carry text, not binary files. When you attach an image or PDF to an email, the mail client encodes the file as Base64 so it can travel safely through SMTP servers that only handle 7-bit ASCII. The recipient's client decodes it back to the original binary file.

Data URIs

Data URIs allow you to embed files directly in HTML or CSS without making an additional HTTP request. Small images, fonts, and icons are commonly inlined this way:

<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAUA..." alt="icon" />

This eliminates a network round-trip, which can improve page load performance for small assets. However, Base64 increases file size by about a third, so it is not ideal for large images.

API Authentication

HTTP Basic Authentication encodes the username and password as a Base64 string in the Authorization header:

// username: admin, password: secret123
Authorization: Basic YWRtaW46c2VjcmV0MTIz

// Decoding reveals:
// admin:secret123

Encoding vs Encryption

A common misconception is that Base64 provides security. It does not. Encoding is a reversible transformation — anyone can decode a Base64 string without any key or password. Encryption, on the other hand, uses a secret key to make data unreadable without the corresponding decryption key.

Never use Base64 to "hide" sensitive information like passwords, tokens, or personal data. If you need to protect data in transit, use HTTPS. If you need to protect data at rest, use proper encryption algorithms like AES-256.

How to Use the PulpMiner Base64 Tool

The Base64 Encoder/Decoder makes conversion effortless:

  1. Paste your text or Base64 string into the input area.
  2. Choose Encode or Decode — the tool automatically detects valid Base64 and suggests the right direction.
  3. Copy the result from the output panel with a single click.

Base64 in JavaScript

JavaScript provides built-in functions for Base64 encoding and decoding:

// Encoding
const encoded = btoa("Hello, World!");
console.log(encoded); // "SGVsbG8sIFdvcmxkIQ=="

// Decoding
const decoded = atob("SGVsbG8sIFdvcmxkIQ==");
console.log(decoded); // "Hello, World!"

Note that btoa and atob only handle Latin-1 characters. For Unicode text you need to encode to UTF-8 first:

// Unicode-safe encoding
const encoded = btoa(new TextEncoder().encode("Hello ").reduce(
  (data, byte) => data + String.fromCharCode(byte), ""
));

URL-Safe Base64

Standard Base64 uses + and / which have special meaning in URLs. URL-safe Base64 replaces these with - and _ respectively, and often omits the padding = characters. This variant is used in JWTs, URL parameters, and file names where standard Base64 would cause issues.

Ready to encode or decode? Try the Base64 Tool — free, instant, and completely client-side.

Need to extract data from websites?

PulpMiner turns any webpage into a structured JSON API. No scraping code needed — just point, click, and get clean data.

Try PulpMiner Free

No credit card required