Base32 Encoder / Decoder

How to use

1. 1Pick a direction: Encode turns text or hex bytes into a Base32 string; Decode turns a Base32 string back into UTF-8 text or hex bytes.
2. 2Pick a variant: RFC 4648 Standard for the default Base32, RFC 4648 Hex for the extended-hex alphabet, or Crockford for human-friendly identifiers.
3. 3When encoding, choose UTF-8 text or Hex bytes for the input, then optionally turn off padding (RFC 4648 only) or switch the output to lowercase.
4. 4When decoding, paste any Base32 string. Whitespace is ignored; Crockford also ignores hyphens. Errors point at the exact position of the first invalid character.
5. 5Use Copy Base32 or Copy decoded to copy the result, or load a preset to round-trip a known RFC 4648 test vector.

About this tool

Base32 Encoder / Decoder turns text or raw bytes into Base32 and back, entirely in your browser. Three alphabets are supported. RFC 4648 Standard (A-Z and 2-7) is the default and matches the Base32 used by GPG armor, openssl base32, IPFS CIDv1, and the secret strings TOTP authenticator apps consume. RFC 4648 Base32 Hex (0-9 and A-V), also called extended-hex Base32, sorts in the same order as the encoded bytes, which is why DNSSEC NSEC3 records use it. Crockford Base32 (0-9 and A-Z minus I, L, O, U) is human-friendly: there is no padding, the decoder is case-insensitive, hyphens between groups are ignored, and ambiguous letters (I, L) decode as 1 while O decodes as 0. Encode mode accepts UTF-8 text or a hex byte sequence so you can encode any binary input without character-set guesswork, and you can toggle whether the output is padded with = or written in lowercase. Decode mode strips whitespace (and Crockford hyphens) before validating each character against the chosen alphabet, reports the exact position of the first invalid character, and verifies that the padding length matches the body length per the RFC. The decoded result can render as UTF-8 text (with a fail-safe to hex bytes when the bytes are not valid UTF-8, so binary keys and ciphertext do not silently corrupt) or as raw hex bytes. A live byte and character counter, a swap button between encode and decode, and curated presets for the canonical RFC 4648 §10 test vectors and a TOTP-secret round trip make it easy to verify your data and your tool. Useful for setting up authenticator apps that ask for a Base32 secret, debugging GPG and openssl outputs, decoding Bitcoin-related data formats, reading DNSSEC NSEC3 hashes, working with IPFS CIDv1 strings, generating short human-friendly identifiers with Crockford Base32, and any place a developer needs to switch between Base32 and the underlying bytes. Encoding, decoding, and validation all run on your device, so secrets, tokens, and keys you paste here never leave your browser.

Free to use. Works in your browser. No signup, no login.