Tech

Base32 encoder / decoder

Convert text to Base32 (RFC 4648) and back. It is the format used by TOTP/2FA keys in Google Authenticator. Supports UTF-8, optional padding and lowercase input. Everything runs in your browser.

Instant🔒In your browserNo signup
Live
Base32 result

What Base32 is and why it exists

Base32 is an encoding scheme defined in RFC 4648 that represents any binary data using only 32 characters: the letters A-Z and the digits 2-7, plus = as padding. Each character carries 5 bits, so every 5 input bytes become exactly 8 output characters. Why another scheme when Base64 already exists? Because Base32 has two superpowers Base64 lacks: it is case-insensitive (no two characters differ only in case) and it avoids ambiguous characters — the alphabet contains neither 0 nor 1, so you can never confuse them with O or l. That makes it ideal for anything a human has to read, dictate over the phone or type by hand: the TOTP/2FA secret keys in Google Authenticator, names encoded in DNS (which is case-insensitive by design), and ULID identifiers, which use Crockford's Base32 variant.

How it works: 5 bytes become 8 characters

The algorithm takes the input bytes (here, your text encoded to UTF-8 with TextEncoder, so accents, ñ and emoji come out perfectly) and reads them as one continuous stream of bits. Each group of 5 bits is a number between 0 and 31, which maps to one character of the alphabet. Since 5 bytes = 40 bits = exactly 8 groups, the natural Base32 block is 8 characters. When the input is not a multiple of 5 bytes, the last group is completed with zero bits and the output is padded with = up to 8. The classic RFC example: foobar encodes to MZXW6YTBOI======, and fo to MZXQ====. You can verify it right now in the tool above.

Base32 vs Base64 vs Hex at a glance

Base32Base64Hexadecimal
Alphabet32 characters (A–Z, 2–7)64 characters (A–Z, a–z, 0–9, +, /)16 characters (0–9, A–F)
Bits per character564
Size overhead+60% (5 bytes → 8 chars)+33% (3 bytes → 4 chars)+100% (1 byte → 2 chars)
Case-sensitiveNoYesNo
Ambiguous charactersNo (neither 0 nor 1)Yes (0/O, 1/l/I)No
Typical usesTOTP/2FA keys, DNS, ULIDMIME emails, data URIs, JWTCSS colors, hashes, dumps

The rule of thumb: if only a machine will ever read the result, use Base64 (more compact) — that is what our Base64 encoder and Base64 decoder are for. If a human will read, dictate or type it, or the channel ignores case (like DNS), Base32 is the right choice.

Where you run into Base32 in real life

  • TOTP/2FA keys. The secret you scan as a QR code into Google Authenticator, Authy or 1Password is Base32. If the QR fails, the key you type by hand (like JBSW Y3DP EHPK 3PXP) is too.
  • DNS and DNSSEC. Domain names ignore case, so encoding hashes into records (NSEC3) requires a case-insensitive alphabet.
  • ULID. Sortable unique identifiers that use Crockford's Base32 (a variant with a different alphabet) to stay compact and readable.
  • Human-friendly tokens. Activation codes, license keys and coupons that a person has to type without frustration.

Reference: the Base32 alphabet (RFC 4648)

ValueCharValueCharValueCharValueChar
0A8I16Q24Y
1B9J17R25Z
2C10K18S262
3D11L19T273
4E12M20U284
5F13N21V295
6G14O22W306
7H15P23X317

The = padding carries no value: it only completes the 8-character block when the input is not a multiple of 5 bytes.

FAQ

What is Base32 and how is it different from Base64?

Base32 uses only 32 characters (A–Z, 2–7). It is longer than Base64 (+60% vs +33%) but case-insensitive and free of ambiguous characters, ideal for keys typed by hand.

Why do Google Authenticator keys use Base32?

The TOTP standard (RFC 6238) encodes the secret in Base32 because it is sometimes typed by hand: no lowercase and no 0/O or 1/l confusion means fewer mistakes.

Is the trailing = padding required?

Per the RFC yes, but many implementations omit it (TOTP keys usually ship without =). We accept both forms, and you can toggle it off when encoding.

Is Base32 case-sensitive?

No. The official alphabet is uppercase only, but this converter normalizes lowercase input automatically before decoding.

How much does Base32 grow the encoded text?

By 60%: every 5 bytes become 8 characters, because each character carries 5 bits.

Is Base32 encryption?

No. It is an encoding anyone can reverse, just like Base64. For confidentiality use real encryption (AES, libsodium).

What happens if I paste a string with invalid characters?

We show a clear error pointing at the offending character. Spaces, line breaks and lowercase letters are tolerated and cleaned automatically.

Is my text sent to a server?

No, everything happens in your browser with TextEncoder and TextDecoder. Your text never leaves your device.

Was this generator useful?