Free Base64 encoder decoder
Encode text to Base64 and decode Base64 back to text or a file, with the URL-safe alphabet, padding, and 76-character MIME wrapping under your control. Everything is converted on your device, so the token or config blob you paste is never sent to a server.
0 characters · 0 bytes (UTF-8)
Copied to clipboard
How the Base64 encoder and decoder works
Choose encode or decode
Paste text to encode, or paste Base64 to read it back. In file mode you can drop a file up to 5 MB, or rebuild a file from Base64.
Set the alphabet and padding
Switch to the URL-safe alphabet, drop the trailing padding, or wrap the output at 76 characters for MIME. Text is treated as UTF-8 throughout.
Copy or download
Copy the result, save it as a text file, or download the decoded bytes as a real file. No network request is made at any point.
Private by design: nothing leaves your browser
The things people decode are rarely harmless. An API token, a Kubernetes secret, a basic-auth header, half a config file. Plenty of online decoders post that string to a backend before they show you anything. This one does the work in the page:
100% client-side
Conversion uses TextEncoder, TextDecoder, and the browser's own btoa and atob. Files are read with FileReader on your device. No request carries your input anywhere.
Nothing stored or logged
There is no account and no history. What you paste lives in the tab's memory and is gone when you reload or close it.
Works offline
Once the page has loaded you can pull the network cable and it keeps working, which is the simplest proof that nothing is being uploaded.
Base64 is encoding, not encryption
- Anyone can decode Base64 without a key. It protects nothing, so never use it to hide a password or a secret.
- Its job is to move bytes safely through channels that expect text, such as email bodies, JSON fields, and data URIs.
- Encoding grows the payload by about a third, since every three bytes become four characters.
- If the value must stay unreadable, encrypt it first, then Base64 the ciphertext.
Built for developers and security-conscious teams
Anyone who decodes a string they would rather not hand to a stranger's server. BlockSurvey takes the same position on research data with zero-knowledge surveys, where responses are encrypted before they ever reach a server.
Developers
Read a basic-auth header, unpack a Kubernetes secret, check what a webhook sent, or turn a small icon into a data URI without adding a build step.
Security & IT teams
Decode a suspicious payload from a log or a phishing sample during triage, on a page that does not forward it to a third party.
API integrators
Match the exact variant a partner expects, whether that is URL-safe without padding for a JWT segment or 76-character lines for a MIME attachment.
Building something that handles sensitive data?
BlockSurvey runs on zero-knowledge surveys, so the responses you collect are never sold or mined. Responses are encrypted on the respondent's device, so the server stores nothing readable.
More free privacy tools
Browse all privacy toolsThese tools run in your browser because that is how we build everything. The same idea, applied to research: privacy-first surveys with end-to-end encryption.