Boneyard Tools

Base32 vs Base64: what is the difference

How Base32 and Base64 compare on alphabet, size and readability, and which encoding to reach for in real systems.

Two ways to make bytes text-safe

Base32 and Base64 solve the same problem: they represent arbitrary binary data using only printable characters so it can travel through channels that expect text. The difference is how many bits each output character carries. Base64 packs six bits per character using a 64-symbol alphabet, while Base32 packs five bits using a 32-symbol alphabet. That single design choice ripples out into size, readability and where each format is used.

Alphabet and case sensitivity

Base64 uses uppercase and lowercase letters, digits, and two symbols such as + and /, which makes it compact but case sensitive and awkward in URLs or filenames. Base32 uses only uppercase A to Z and the digits 2 to 7, avoiding look-alike characters like 0 and O or 1 and I. Because it is case insensitive in spirit and free of punctuation, Base32 survives being written down, read over the phone or typed by hand far better than Base64.

Size and efficiency

Fewer bits per character means longer output. Base64 expands data by about a third, roughly 1.33 times the original size, while Base32 expands it by about 60 percent, roughly 1.6 times. If you are sending large payloads over a network where every byte counts, Base64 wins. If the data is small and a human might handle it, the extra length of Base32 is a fair price for its clarity.

When to use each

Reach for Base64 when the encoded data is machine-to-machine and size matters, such as embedding an image in a data URI or encoding a JSON web token. Reach for Base32 when people touch the value: two-factor authentication secret keys, some DNS records, and share codes are commonly Base32 precisely because it is hard to mistype. Both are reversible encodings, so neither adds any security by itself.

Frequently asked questions

Is a TOTP two-factor secret Base32?

Yes. Authenticator apps almost always exchange the shared secret as a Base32 string because it is case insensitive and easy to type from a screen.

Can I convert Base32 to Base64 directly?

Not in one step here. Decode the Base32 back to the original text or bytes, then encode those bytes as Base64 with a Base64 tool.