Base32 Encoder/Decoder - Free Online Tool | PivaBox

Encode and decode text with Base32 — RFC 4648, Base32Hex, and Crockford variants

Base32 Encoder/Decoder — Convert Text and Binary Data Using RFC 4648, Base32Hex, and Crockford Variants with Case-Insensitive, Human-Friendly Encoding

Select your Base32 variant from the dropdown: RFC 4648 (standard) uses the alphabet A–Z and 2–7 — this is the most common variant, used in DNSSEC, OTP (one-time password) secrets, and onion addresses. RFC 4648 Hex uses 0–9 and A–V — designed for environments where the encoded output needs to sort lexicographically the same as the original binary data. Crockford is a human-friendly variant that avoids ambiguous characters (removing I, L, O, U to prevent confusion with 1 and 0) and includes an optional check symbol — ideal for user-facing identifiers and license keys.
Type or paste your text in the input area — encoding and decoding happen automatically in real-time as you type. For encoding, your text is first converted to UTF-8 bytes, then encoded into Base32 characters using the selected variant's alphabet. For decoding, paste a Base32-encoded string and the tool instantly recovers the original text. The tool handles both directions simultaneously — if the input contains characters outside the Base32 alphabet, it treats it as plain text to encode; if it consists only of Base32 characters, the decoded result appears alongside.
Review the result and click Copy to copy it to your clipboard. The alphabet display below shows the exact character set used by the selected variant. Base32 is particularly valuable because it's case-insensitive — unlike Base64 which uses both upper and lowercase letters (making it fragile in case-insensitive contexts like DNS and file systems), Base32 output can be typed, spoken, or printed without ambiguity. All encoding/decoding happens entirely in your browser using JavaScript — your data never leaves your device.

Frequently Asked Questions

When should I use Base32 instead of Base64 or hexadecimal encoding?

Base32 occupies a sweet spot between readability and efficiency. Base64 is more compact (33% overhead vs 60% for Base32), but its use of mixed-case letters and special characters (<code>+</code>, <code>/</code>) makes it problematic in case-insensitive contexts (DNS, Windows file paths), URL query strings (requiring percent-encoding of <code>+</code>), and human-readable contexts (hand-typing a Base64 string is error-prone). Hexadecimal (Base16) is the most human-friendly (only 0–9, A–F) but has 100% overhead — every byte becomes two hex characters. Base32 balances these trade-offs: 60% overhead (tolerable for short data), single-case alphabet (case-insensitive safe), no special characters (URL and filename safe), and groups of 5 bits per character (natural alignment with many binary formats). Key use cases: TOTP secrets in authenticator apps (RFC 6238), DNSSEC key fingerprints, Tor .onion addresses (Base32-encoded public keys), and any scenario where humans need to read, type, or verify encoded data aloud.

What's the difference between the three Base32 variants (RFC 4648, Base32Hex, Crockford) and which should I choose?

The three variants serve different design goals. RFC 4648 (A–Z, 2–7) is the IETF standard and most interoperable choice — use it unless you have a specific reason to choose another. The numbers 2–7 (rather than 0–6) were chosen because 0 and 1 are easily confused with O and I/l in some fonts — the standard intentionally omits 0, 1, 8, 9 from the alphabet. Base32Hex (0–9, A–V) preserves the natural sort order of the original binary data when the encoded strings are sorted lexicographically — important for databases and file systems where encoded keys are used for ordering. Crockford is designed for maximum human usability: it removes ambiguous characters (I, L, O, U), maps lowercase input to uppercase, allows hyphens for readability grouping, and supports an optional mod-37 check character. Crockford is ideal for license keys, product codes, and user-facing identifiers. The PivaBox encoder supports all three variants for free, entirely in your browser.

Is Base32 encoding secure for storing sensitive data?

Base32 is an encoding scheme, not an encryption scheme — it transforms the representation of data but provides zero security. Anyone who knows the encoding format can decode the data back to its original form. Think of Base32 like changing the font of a document — it looks different but contains the same information. For secure data storage, combine Base32 with encryption: first encrypt your data using a strong algorithm (AES-256-GCM via the Web Crypto API), then Base32-encode the ciphertext for storage or transmission. This gives you both confidentiality (from encryption) and format compatibility (from Base32). The PivaBox Base32 Encoder processes everything in your browser — your data never touches a server, which is a critical security consideration even for encoding operations. For encryption needs, see the other tools in the PivaBox Crypto suite.