Base32 is a binary-to-text encoding scheme that represents binary data using 32 ASCII characters. It encodes every 5 bits of data into one of 32 printable characters (typically A-Z and 2-7). Base32 is widely used in OTP (one-time passwords), TOTP two-factor authentication (like Google Authenticator), secret key sharing, DNS security (DNSSEC), and cryptographic applications where case-insensitive encoding is preferred over Base64.

Base64 uses 64 characters (A-Z, a-z, 0-9, +, /) and encodes 6 bits per character, making it more efficient (33% overhead vs 60% for Base32). However, Base64 is case-sensitive and uses special characters that can cause issues in URLs or when typed manually. Base32 is case-insensitive, uses only alphanumeric characters (no special symbols), and is more human-friendly for manual entry. This makes Base32 ideal for security keys, recovery codes, and scenarios where readability matters.

RFC 4648 (Standard): Uses A-Z and 2-7. Most common, used in TOTP and general applications.
Crockford's Base32: Uses 0-9 and A-Z (excluding I, L, O, U to avoid confusion with digits). Often avoids padding. Designed for human readability.
Base32Hex: Uses 0-9 and A-V, preserving hexadecimal sorting order. Useful when encoded strings need to maintain sort order.
z-base32: Uses a custom 32-character set optimized to minimize visual ambiguity and transcription errors. Common in decentralized systems.

Padding with = characters ensures the encoded output length is a multiple of 8. Since Base32 encodes 5 bytes into 8 characters, inputs not divisible by 5 bytes require padding. For example: 1 byte → 2 chars + 6 '=', 2 bytes → 4 chars + 4 '=', 3 bytes → 5 chars + 3 '=', 4 bytes → 7 chars + 1 '='. Some variants like Crockford and z-base32 omit padding entirely since the data length can be inferred during decoding.

Base32 is used in Google Authenticator and other TOTP apps for secret keys, DNSSEC for signing DNS records, OpenSSL key generation, IPFS content-addressed storage, BitTorrent magnet links (Base32-encoded info hashes), UUID/GUID compact representations, and various cryptographic applications where case-insensitive, URL-safe encoding is required.

This tool automatically handles Base32 strings with or without padding. Simply paste your Base32 string into the input area, switch to Decode mode, and click Convert. The decoder will infer the correct byte length even if padding characters are missing. Make sure you select the correct variant that matches your encoded string.

Yes, standard Base32 (RFC 4648) is URL-safe because it only uses A-Z and 2-7 — no special characters like +, /, or = (though = padding may need percent-encoding in URLs). For maximum URL compatibility, use the Crockford variant or simply omit padding when including Base32 strings in URLs or file names.

Absolutely! Use the Upload File button in Encode mode to select any file from your device. The tool reads the file's raw bytes and encodes them into a Base32 string. You can then copy or download the result. To decode a Base32 string back to a file, switch to Decode mode and download the result — though for binary data, you may want to use a hex editor or specialized tool to save the output correctly.