3️⃣2️⃣

Base32 Encoder / Decoder

Encode text or binary data to Base32, or decode Base32 strings back to text. Uses the RFC 4648 standard alphabet (A–Z, 2–7).

Standard: RFC 4648 Base32  ·  Alphabet: A–Z (uppercase) + digits 2–7  ·  Padding: = characters to reach a multiple of 8

About Base32 Encoder / Decoder

Base32 is a binary-to-text encoding scheme defined in RFC 4648. It represents binary data using 32 printable ASCII characters - the 26 uppercase letters A–Z and the digits 2–7. It is more compact than hexadecimal and more readable than Base64, making it popular in TOTP/2FA secrets, file systems, and encoded identifiers.

When to Use Base32

Base32 is used in TOTP (Time-based One-Time Password) secret keys (Google Authenticator, Authy), DNS labels, Onion addresses (Tor), and anywhere a case-insensitive encoding is required.

Frequently Asked Questions

Base64 uses 64 characters (A–Z, a–z, 0–9, +, /) and is more compact. Base32 uses only 32 characters (A–Z, 2–7) and is case-insensitive, making it safer for use in URLs, DNS, and systems that may convert case. Base32 output is about 60% longer than Base64 for the same input.
Base32 encodes 5 bits per character and processes input in 5-byte (40-bit) blocks. Padding characters (=) are added to align the output to a multiple of 8 characters when the input length is not a multiple of 5.
The digits 0 and 1 are visually similar to the letters O and I, which could cause confusion in manual transcription. RFC 4648 uses digits 2–7 instead to avoid this ambiguity.
No. Base32 is encoding, not encryption. It is fully reversible by anyone without a key. It does not provide confidentiality. Use AES-256 if you need to protect data.

About Base32 Encoder / Decoder — Base32 Encoder Decoder Online

Base32 is a binary-to-text encoding scheme defined in RFC 4648 that represents data using 32 printable ASCII characters: the 26 uppercase letters A–Z and the digits 2–7. This Base32 encoder decoder online tool lets you instantly convert any text or binary data to Base32 format, or reverse the process by decoding a Base32 string back to readable text. It runs entirely in your browser, requires no installation, and never sends your data to a server.

Base32 is widely used by developers, security engineers, and system administrators who need a case-insensitive, URL-safe encoding. Its most common applications include TOTP two-factor authentication secrets used by apps like Google Authenticator and Authy, DNS labels, Tor onion addresses, and any context where lowercase letters cannot be guaranteed to be preserved correctly. Because it avoids ambiguous characters and uses only uppercase letters and specific digits, Base32-encoded strings are easier to transcribe by hand than Base64.

How to Use the Base32 Encoder / Decoder

  1. Select the mode by clicking Encode → Base32 or Decode ← Base32 at the top of the tool.
  2. Type or paste your input text into the Input textarea. For encoding, enter plain text. For decoding, paste a valid Base32 string using only A–Z and 2–7 characters.
  3. Click the Encode or Decode button to run the conversion. The result appears in the output area below.
  4. Review the character count summary that shows input length versus output length so you can estimate size expansion.
  5. Click Copy Output to copy the result to your clipboard, or click Use as Input to chain conversions by sending the output back to the input field.

Base32 Alphabet and Encoding Rules

The RFC 4648 Base32 alphabet consists of 32 characters: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 2 3 4 5 6 7. Each character encodes exactly 5 bits of data. The encoder processes the input in groups of 5 bytes (40 bits), converting each group into 8 Base32 characters. When the input length is not a multiple of 5 bytes, padding characters (=) are appended to make the output a multiple of 8 characters. This padding is required by the RFC 4648 standard and some decoders expect it to be present.

The digits 0 and 1 are deliberately excluded from the alphabet because they look similar to the letters O and I in many fonts, which would cause transcription errors when users copy strings by hand. The digits 2–7 were chosen instead to complete the 32-character set while avoiding this visual ambiguity.

Tips for Getting the Best Results

  • Strip whitespace before decoding: Base32 strings copied from emails or documents sometimes contain extra spaces or line breaks. Paste the string into a text editor and remove all whitespace before decoding to avoid invalid character errors.
  • Check padding when decoding TOTP secrets: Some authenticator apps omit the trailing = padding from their Base32 secrets. If decoding fails, try adding one or two = characters at the end of the string until the length is a multiple of 8.
  • Use the swap button for round-trip testing: After encoding, click Use as Input and switch to decode mode to verify the decoded result matches your original input exactly.
  • Mind the case: Base32 decoding is case-insensitive — lowercase letters are accepted and treated the same as uppercase. The encoder always produces uppercase output per the RFC 4648 standard.
  • Keep encoded strings short for QR codes: Base32-encoded TOTP secrets are often embedded in QR codes for authenticator app setup. Shorter secrets produce simpler QR codes that scan more reliably on low-resolution cameras.

Why Use a Base32 Encoder Decoder Online

Browser-based tools like this Base32 encoder decoder online offer significant advantages over desktop applications or command-line utilities. There is nothing to install, no runtime dependencies, and no account required. The tool works on any device with a modern browser — Windows, macOS, Linux, iOS, or Android. Because all processing happens locally in JavaScript, your data never leaves your device and there is no risk of sensitive TOTP secrets or private data being logged on a remote server.

Developers use this tool to validate Base32 outputs from server-side libraries, debug TOTP authentication flows, and manually encode or decode test data during development. Security professionals use it to inspect 2FA secret keys. System administrators use it to work with DNS labels and encoded identifiers without needing to install Python or other tools on a locked-down workstation.

Frequently Asked Questions about Base32 Encoder / Decoder

Base64 uses 64 characters (A–Z, a–z, 0–9, +, /) and produces output about 33% larger than the input. Base32 uses only 32 characters (A–Z, 2–7) and produces output about 60% larger than the input. The key advantage of Base32 is that it is fully case-insensitive and avoids URL-unsafe characters, making it more reliable in environments that may alter the case of transmitted strings.
Base32 is used primarily in TOTP two-factor authentication secrets for apps such as Google Authenticator, Authy, and Microsoft Authenticator. It is also used in Tor hidden service (.onion) addresses, IPFS content identifiers, DNS labels where case-insensitivity is important, some file systems, and encoded identifiers that need to be manually transcribed.
Padding characters (=) are added because Base32 processes input in 5-byte blocks. When the input is not a multiple of 5 bytes, the last block is shorter and padding is appended to make the total output length a multiple of 8 characters. The number of padding characters depends on how many extra bytes remain in the last block — it can be 1, 3, 4, or 6 equals signs.
No. Base32 is an encoding scheme, not encryption. It is fully reversible by anyone who receives the encoded string — no key or password is needed. It simply changes the representation of data to use a safe subset of ASCII characters. If you need to protect sensitive data, use a proper encryption algorithm such as AES-256 before encoding.
The digits 0 and 1 are excluded because they are visually similar to the letters O and I in many fonts and handwriting styles. Confusing these characters would cause decoding errors when users transcribe Base32 strings manually, such as when setting up 2FA. RFC 4648 chose digits 2–7 instead to avoid this ambiguity while still completing the 32-character alphabet.
The RFC 4648 standard specifies uppercase letters for Base32. This encoder produces uppercase output. However, Base32 decoding is case-insensitive — most decoders, including this tool, accept lowercase input and treat it identically to uppercase. This is one reason Base32 is preferred over Base64 in case-sensitive systems.
Base32 output is approximately 1.6 times larger than the input. Each 5 bytes of input produces 8 Base32 characters. So 10 bytes of input becomes 16 characters of output, and 100 bytes becomes 160 characters. This is less space-efficient than Base64, which produces output about 1.33 times the input size, but the case-insensitivity trade-off is worth it in many use cases.
Yes. All encoding and decoding is performed locally in your browser using JavaScript. Your text, TOTP secrets, and any other data you enter are never transmitted to any server. This means you can safely use this Base32 encoder decoder online with sensitive data such as authentication secrets, knowing the information stays entirely on your device.