What is Base64?
Base64 is an encoding scheme that converts binary data into a text representation using only 64 printable ASCII characters: A-Z, a-z, 0-9, +, and /. A 65th character, =, is used for padding.
The name comes from the fact that each Base64 character represents 6 bits of data (2⁶ = 64 possible values).
Why Base64?
Many systems and protocols are designed to handle only text, not arbitrary binary data. Email (MIME), HTTP headers, HTML data URLs, and many APIs are text-based. Base64 provides a way to safely transmit binary data (like images, files, or binary tokens) through these text channels.
Common uses include: embedding images in CSS/HTML, encoding JWT tokens, transmitting binary data in JSON APIs, and storing binary data in databases that don't support binary types.
How it Works
Every 3 bytes (24 bits) of input becomes 4 Base64 characters (4 × 6 bits = 24 bits). This means Base64-encoded data is always about 33% larger than the original binary data.
If the input is not divisible by 3, padding characters (= or ==) are added to make the output length a multiple of 4.
URL-safe Base64
Standard Base64 uses + and /, which have special meanings in URLs. URL-safe Base64 substitutes - for + and _ for /. This variant is used in JWTs and web authentication.
When NOT to Use Base64
Don't use Base64 as encryption — it's just encoding, not security. Anyone can decode it instantly. Don't use it to store passwords. Don't use it to "hide" sensitive data in URLs — the increase in size and false sense of security make it harmful.
Also avoid Base64-encoding data that's already text (like JSON) unless a specific protocol requires it.