Type on either side — conversion happens live. Emoji and non-ASCII round-trip correctly. Supports standard Base64 and Base64URL. Everything runs in your browser.
Base64 is an encoding — not encryption — that turns arbitrary bytes into 64 printable ASCII characters so they survive text-only transports like email bodies, JSON fields, and URL parameters. This tool is UTF-8 safe: your text is encoded to UTF-8 bytes first, then Base64ed, so emoji and non-ASCII scripts round-trip cleanly.
No. This is a single static HTML page served from GitHub Pages. Encoding uses TextEncoder + btoa, decoding uses atob + TextDecoder. Your input never touches our infrastructure — there is no backend here to touch it. Open DevTools → Network to confirm: zero outbound requests.
Standard Base64 (RFC 4648 §4) uses A–Z a–z 0–9 + / with = padding. Base64URL (§5) swaps + → - and / → _, and typically strips trailing =. JWTs, OAuth tokens, and most web APIs use the URL-safe variant. Toggle the checkbox above to switch; the decoder accepts either variant automatically.
No. Base64 is reversible by anyone — it offers zero confidentiality. If you're trying to hide something, use real encryption (AES-GCM, age, libsodium). Base64 is only for making binary data safe to transport through text-only channels.
Because they call btoa() directly on a JavaScript string. btoa only accepts Latin-1 code points (0x00–0xFF) and throws InvalidCharacterError on anything higher. This tool fixes that by UTF-8-encoding the string with TextEncoder first, then Base64-ing the bytes. Emoji, CJK, Hebrew, Arabic, Devanagari — all round-trip correctly.
The ClipGate CLI's classifier treats long, high-entropy Base64-looking strings as probable secrets and requires explicit unlock before paste. Paste a long encoded string on the left of this page and watch the sidebar flag it — that's the live classifier, identical behavior to what runs in the CLI.