Base32 Encode / Decode
Encode and decode data with RFC 4648 Base32 — used in OTP secrets, DNS, and more.
Base32 is commonly used for OTP secret keys (TOTP/HOTP), DNS records, and case-insensitive data encoding. Standard alphabet is the most widely supported.
About this tool
Base32 encoding converts binary data to text using 32 characters: the uppercase letters A–Z and the digits 2–7. This specific character set was chosen to avoid visually similar characters: 0 (zero) is excluded because it resembles O, 1 (one) is excluded because it resembles I and l. The resulting encoded strings are case-insensitive and free of visually ambiguous characters, making them suitable for human transcription and entry.
Base32 is used in several security-critical applications. TOTP (Time-based One-Time Password) for two-factor authentication encodes the secret key in Base32 — the long string of letters and numbers you scan or type into an authenticator app is Base32. It is also used in Tor hidden service addresses, some distributed hash tables, and various blockchain-related identifiers. Compared to Base64, Base32 is less efficient (each character encodes 5 bits vs Base64's 6 bits), resulting in about 60% longer output.
The RFC 4648 standard defines two variants: Base32 (A–Z, 2–7) and Base32Hex (0–9, A–V, which preserves sort order). Crockford Base32 is another variant designed for human use that adds rules for decoding ambiguous characters (I, L, O, U are accepted as alternatives to 1, 1, 0, and excluded). When interoperating with a specific system, verify which variant it uses, as the alphabets are different and incompatible.