Base32 Encoder / Decoder
Encode text to RFC 4648 Base32 (the variant used in TOTP / Google Authenticator secrets, AWS S3 SSE-C keys, and Geohash). Or decode any Base32 back to text. UTF-8 safe. Browser-only.
How to use the Base32 Encoder / Decoder
Type or paste text to encode, or paste a Base32 string to decode. The output is plain text on decode. Common use case: encoding a TOTP secret to share with a user manually rather than via QR code — the secret in otpauth:// URLs is always Base32.
Where Base32 shows up
Base32, defined in RFC 4648, encodes binary data using 32 symbols: the upper-case letters A–Z and the digits 2–7. Dropping 0, 1, 8, and 9 avoids confusion with the letters O, I, B, and so on, and using only upper-case makes the output case-insensitive. Each group of five bytes becomes eight characters, with = padding the final group when the input does not divide evenly.
It is less compact than base64 but more robust where a human might read or type the value, or where case is not preserved. That is why TOTP secrets in otpauth:// URLs — the ones behind Google Authenticator and similar apps — are Base32, and why it turns up in S3 keys and Geohash. This tool encodes text to Base32 and decodes it back, with an option to strip the padding.
Common use cases
- TOTP secrets — encode or read the Base32 secret shared with an authenticator app instead of via QR code.
- Case-insensitive identifiers — produce a value that survives systems that upper- or lower-case text.
- Human-readable tokens — generate codes someone can read aloud or type without ambiguity.
- Decoding stored values — turn a Base32 string from a config or URL back into its bytes.
- Learning RFC 4648 — see how five bytes map to eight characters and where padding comes from.
Frequently asked questions
How is Base32 different from Base64?
Why are TOTP secrets in Base32?
What is the padding character for?
= signs pad it out so the length stays a multiple of eight. Some systems omit padding, which is why this tool can strip it.