Encoding Calculator

View text in different encoding formats including UTF-8, UTF-16, Base64, URL encoding, and more.

12

Characters

12

Code Points

12 bytes

UTF-8 Size

Input Text

Encodings

UTF-8 (Hex)Variable-width encoding
Click to copy

48 65 6C 6C 6F 20 57 6F 72 6C 64 21

UTF-8 (Binary)8-bit binary representation
Click to copy

01001000 01100101 01101100 01101100 01101111 00100000 01010111 01101111 01110010 01101100 01100100 00100001

UTF-16 (Hex)JavaScript internal encoding
Click to copy

0048 0065 006C 006C 006F 0020 0057 006F 0072 006C 0064 0021

Unicode Code PointsU+ notation
Click to copy

U+0048 U+0065 U+006C U+006C U+006F U+0020 U+0057 U+006F U+0072 U+006C U+0064 U+0021

Base6464-character encoding
Click to copy

SGVsbG8gV29ybGQh

URL EncodedPercent encoding
Click to copy

Hello%20World!

HTML EntitiesHTML character references
Click to copy

Hello World!

Hex StringContinuous hex digits
Click to copy

48656c6c6f20576f726c6421

OctalBase-8 representation
Click to copy

110 145 154 154 157 40 127 157 162 154 144 41

ROT13Letter substitution cipher
Click to copy

Uryyb Jbeyq!

About Encodings: Different encoding formats represent the same text in different ways. UTF-8 is the most common web encoding, while Base64 is used for binary-to-text encoding.

What Is Text Encoding?

Text encoding is the process of converting human-readable characters into a sequence of numbers or symbols that computers can store, transmit, and interpret. Every letter, digit, punctuation mark, and emoji you type must be translated into binary data before a computer can work with it. The encoding calculator on this page lets you instantly see how any text string looks across ten different encoding formats simultaneously — from raw binary bytes to Base64 to URL-percent encoding.

At its core, every character encoding system maintains a character map: a lookup table that assigns a unique numerical value (called a code point) to each character. The oldest and most familiar encoding system is ASCII (American Standard Code for Information Interchange), which assigns values 0–127 to the 128 characters needed for English text and common punctuation. ASCII works perfectly for "Hello" but has no way to represent "こんにちは" or "مرحبا".

The explosion of global internet use in the 1990s made ASCII's limitations untenable, and the Unicode standard emerged as the universal solution. Unicode defines a unique code point for every character in every writing system on Earth — more than 149,000 characters as of Unicode 15.1. But Unicode is a character set, not an encoding; you still need an encoding scheme to store Unicode code points as bytes. That is where UTF-8, UTF-16, and UTF-32 come in.

Understanding encoding is essential in software development, data engineering, web development, and security. Encoding bugs are among the most common sources of "mojibake" (garbled text), SQL injection vulnerabilities, and cross-site scripting (XSS) attacks. When you properly encode user input as HTML entities before inserting it into a web page, for instance, you prevent malicious scripts from running. When you URL-encode a search query before appending it to a URL, you prevent the query from breaking the URL structure.

This free encoding calculator handles UTF-8 hex, UTF-8 binary, UTF-16 hex, Unicode code points (U+ notation), Base64, URL encoding, HTML entities, raw hex string, octal, and ROT13 — giving developers, students, and security professionals a quick reference for any text input.

Encoding Formats: UTF-8, UTF-16, Base64, and More

Each encoding format on this calculator serves a different purpose. Understanding which format to use — and why — is a key skill for anyone working with text, data serialization, web APIs, or security.

UTF-8 (Hex and Binary)

UTF-8 is the dominant encoding standard on the web, used by over 98% of websites. It is a variable-width encoding: ASCII characters (U+0000 to U+007F) are stored as a single byte, characters in common scripts like Latin, Greek, Arabic, and Cyrillic use two bytes, East Asian characters typically use three bytes, and supplementary characters (including most emoji) use four bytes. This variable-width design makes UTF-8 backward-compatible with ASCII while still supporting the full Unicode range. The calculator shows UTF-8 output in both hexadecimal (e.g., 48 65 6C 6C 6F) and binary (e.g., 01001000 01100101...) representations.

UTF-16 (Hex)

UTF-16 uses 16-bit (two-byte) code units. Characters in the Basic Multilingual Plane (U+0000 to U+FFFF) use a single 16-bit code unit, while supplementary characters use two code units called a surrogate pair. JavaScript's internal string representation uses UTF-16, which is why charCodeAt() returns 16-bit values. This calculator uses charCodeAt() to generate the UTF-16 hex output for each character position.

Unicode Code Points (U+ Notation)

A Unicode code point is the abstract numerical identifier assigned to each character in the Unicode standard, written with the U+ prefix. For example, the letter "A" is U+0041, the euro sign "€" is U+20AC, and the face with tears of joy emoji is U+1F602. Code points are the canonical identity of a character, independent of any byte encoding. This calculator uses JavaScript's codePointAt() method, which correctly handles supplementary characters (code points above U+FFFF) that UTF-16 represents as surrogate pairs.

Base64

Base64 encodes arbitrary binary data as a string of 64 printable ASCII characters (A–Z, a–z, 0–9, +, /). It is widely used for embedding images, fonts, and other binary data in HTML/CSS, transmitting binary data in JSON payloads, encoding email attachments (MIME), and storing credentials in HTTP Basic Authentication headers. Base64 increases data size by approximately 33%. The calculator uses btoa(unescape(encodeURIComponent(input))) to correctly handle multi-byte characters.

URL Encoding (Percent Encoding)

URL encoding replaces characters that are not safe in a URL with a percent sign followed by two hexadecimal digits representing the UTF-8 byte value of that character. For example, a space becomes %20 and an ampersand becomes %26. This is essential whenever user-supplied data is included in a URL query string, path segment, or form submission. The calculator uses JavaScript's encodeURIComponent(), which encodes all characters except letters, digits, and the characters - _ . ! ~ * ' ( ).

HTML Entities

HTML entity encoding replaces characters that have special meaning in HTML — specifically < > & " ' — and any character with a code point above 127, with numeric character references in the form &#charCode;. This is a critical security measure: properly HTML-encoding all user-supplied text before rendering it in a page prevents cross-site scripting (XSS) attacks. The calculator applies &#charCode; notation to all non-ASCII characters and the five HTML special characters.

Hex String and Octal

The hex string format concatenates the two-digit hexadecimal representation of each character's byte value (using charCodeAt()) into a continuous string — a common format in debugging output, wire protocol inspection, and cryptographic operations. Octal converts each character's code point to base-8, a format occasionally used in Unix file permissions contexts and older programming environments.

ROT13

ROT13 is a simple letter-substitution cipher that replaces each letter with the letter 13 positions ahead in the alphabet. Because there are 26 letters, applying ROT13 twice returns the original text — it is its own inverse. ROT13 is not a security mechanism but is used to obscure spoilers, puzzle answers, and mildly offensive content in informal contexts. The calculator applies ROT13 to alphabetic characters and leaves all other characters unchanged.

How the Encoding Calculator Computes Each Format

The encoding calculator performs all conversions entirely in the browser using the Web APIs and JavaScript built-in methods listed below. No data is sent to any server. Each conversion happens instantaneously inside a useMemo hook that re-runs whenever you change the input text.

Here is a summary of the conversion method used for each encoding type:

Format JavaScript Method Output Example ("Hi")
UTF-8 Hex new TextEncoder().encode(text), then each byte to 2-digit hex 48 69
UTF-8 Binary Same UTF-8 bytes, each converted with .toString(2).padStart(8,'0') 01001000 01101001
UTF-16 Hex charCodeAt(i) for each position, padded to 4 hex digits 0048 0069
Unicode Code Points codePointAt(0) for each character (handles surrogates) U+0048 U+0069
Base64 btoa(unescape(encodeURIComponent(text))) SGk=
URL Encoded encodeURIComponent(text) Hi (unchanged for safe chars)
HTML Entities charCodeAt(0) > 127 or /[<>&"']/.test(char)&#code; Hi (unchanged for safe ASCII)
Hex String charCodeAt(0).toString(16).padStart(2,'0') concatenated 4869
Octal charCodeAt(0).toString(8) for each character, space-separated 110 151
ROT13 Regex replace: ((charCode - base + 13) % 26) + base Uv

The byte count shown at the top of the calculator reflects the length of the UTF-8 encoded byte array, not the JavaScript string length. For ASCII-only text these are equal, but for text containing multi-byte characters (accented letters, CJK ideographs, emoji) the byte count will exceed the character count.

ROT13 Character Substitution

encodedChar = String.fromCharCode(((charCode - base + 13) % 26) + base)

Where:

  • charCode= The UTF-16 code unit of the input character (from charCodeAt())
  • base= 65 for uppercase letters (A–Z), 97 for lowercase letters (a–z)
  • 13= The rotation offset; 13 is chosen because it is its own inverse modulo 26
  • % 26= Modulo 26 ensures the result wraps around within the 26-letter alphabet
  • encodedChar= The substituted character produced by String.fromCharCode()

Deep Dive: How UTF-8 Encodes Characters as Bytes

UTF-8's variable-width encoding scheme is elegant and systematic. The number of bytes used to represent a code point depends on the code point's range, following a well-defined set of bit patterns. Understanding these patterns helps you interpret raw hex dumps and diagnose encoding errors in networked systems.

Code Point Range Byte Sequence Pattern Bytes Used Example
U+0000 – U+007F 0xxxxxxx 1 A (U+0041) → 0x41
U+0080 – U+07FF 110xxxxx 10xxxxxx 2 é (U+00E9) → 0xC3 0xA9
U+0800 – U+FFFF 1110xxxx 10xxxxxx 10xxxxxx 3 中 (U+4E2D) → 0xE4 0xB8 0xAD
U+10000 – U+10FFFF 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx 4 😀 (U+1F600) → 0xF0 0x9F 0x98 0x80

The leading bits of each byte serve as a self-synchronizing marker. A byte starting with 0 is a complete single-byte ASCII character. A byte starting with 110 introduces a two-byte sequence. A byte starting with 1110 introduces a three-byte sequence. Bytes starting with 10 are continuation bytes. This design allows a UTF-8 decoder to resynchronize after data corruption — it simply skips bytes until it finds one that does not start with 10.

This self-synchronizing property, combined with ASCII backward-compatibility, is why UTF-8 became the dominant encoding for the web, most file systems, and network protocols. When you use this encoding calculator and notice that a simple English word like "Hello" produces exactly as many UTF-8 bytes as characters, but a word like "café" produces five bytes for four characters, that is UTF-8's variable-width encoding at work.

Encoding in Web Development and Security

Choosing the correct encoding context is not just a technicality — it is a security requirement. The most common web vulnerabilities, including Cross-Site Scripting (XSS) and SQL Injection, can often be traced to improper or missing encoding. Understanding when and how to apply each encoding format is a foundational skill for web developers and security engineers.

HTML Entity Encoding to Prevent XSS

When user-supplied text is rendered inside an HTML document, every character that has special meaning in HTML must be encoded as an HTML entity. The critical five are: < (less-than, starts tags), > (greater-than, ends tags), & (ampersand, starts entities), " (double quote, inside attribute values), and ' (single quote, inside attribute values). Failing to encode even one of these allows an attacker to inject HTML or JavaScript that runs in the victim's browser context.

URL Encoding in Query Strings and Form Data

Query string values must be percent-encoded before being appended to a URL. Without encoding, a value containing & would split the query string, a value containing = would break key-value parsing, and a value containing # would truncate the URL at the fragment identifier. Use encodeURIComponent() for individual query parameter values and encodeURI() for an entire URL (which preserves the structural characters like /, ?, and &).

Base64 in HTTP and APIs

Base64 is used in HTTP Basic Authentication headers (Authorization: Basic base64(username:password)), data URIs for embedding images directly in CSS or HTML, JSON Web Tokens (JWTs use Base64URL — a URL-safe variant that replaces + with - and / with _), and MIME email attachments. Note that Base64 is encoding, not encryption — it provides no confidentiality and should never be used to protect sensitive data.

UTF-8 as the Default Web Encoding

Always declare <meta charset="UTF-8"> in HTML documents and ensure your server sends the response header Content-Type: text/html; charset=UTF-8. A mismatch between the declared encoding and the actual byte encoding of the file is the most common cause of mojibake — the garbled box-characters and question marks that appear when a browser interprets UTF-8 bytes as ISO-8859-1 or Windows-1252.

Encoding Conversion in Database Operations

Many database collation issues arise from encoding mismatches between the application layer (typically UTF-8), the database connection (which must also declare UTF-8), and the table/column collation. In MySQL, utf8mb4 (not the incorrectly named utf8, which only supports three-byte sequences) is required to store emoji and other four-byte Unicode characters. Always verify encoding consistency across all three layers.

How to Use the Encoding Calculator

The encoding calculator is designed to be instant and frictionless. You type or paste text into the input area and all ten encoding formats update in real time — there is no submit button to click. Here is a guide to each feature on the page.

  1. Input Text Area: Type or paste any text — plain English, Unicode characters, emoji, code snippets, or any mix. The calculator processes all Unicode text correctly, including multi-byte characters and emoji.
  2. Character Count: The top-left badge shows the number of JavaScript string positions. For ASCII text this equals the number of characters, but surrogate pairs (emoji and supplementary characters) occupy two string positions each.
  3. Code Point Count: The center badge shows the number of actual Unicode code points, using the for...of iterator which correctly groups surrogate pairs. This is the "true" character count for most purposes.
  4. UTF-8 Size: The top-right badge shows the total number of bytes required to store the text in UTF-8 encoding. For ASCII-only text this equals the character count; for text with emoji or non-Latin scripts it will be larger.
  5. Click to Copy: Each encoding row is clickable. Clicking any row copies that encoding result to your clipboard. The row briefly shows "Copied!" to confirm the action.
  6. Clear Button: Empties the input field immediately.
  7. Sample Text Button: Loads "Hello World! 🌍" — a useful test string that includes both ASCII and a multi-byte emoji, demonstrating how different encodings handle Unicode characters.

A practical workflow is to paste the text you are working with — a form field value, an API response string, a filename — and immediately see how it would look in the encoding required by your current context. If you are debugging a URL parsing issue, check the URL Encoded row. If you are diagnosing an XSS risk, check the HTML Entities row. If you are preparing a Base64 payload for an API call, the Base64 row gives you the ready-to-use string.

Worked Examples

ASCII Text: 'Hi'

Problem:

Encode the two-character ASCII string 'Hi' across all formats.

Solution Steps:

  1. 1Character codes: H = 72 (decimal), i = 105 (decimal)
  2. 2UTF-8 Hex: 72 → 0x48, 105 → 0x69 → output: '48 69' (ASCII characters map 1:1 to UTF-8 bytes)
  3. 3UTF-8 Binary: 72 → 01001000, 105 → 01101001 → output: '01001000 01101001'
  4. 4UTF-16 Hex: charCodeAt(0)=72 → 0048, charCodeAt(1)=105 → 0069 → output: '0048 0069'
  5. 5Unicode Code Points: codePointAt gives U+0048 and U+0069
  6. 6Base64: btoa(unescape(encodeURIComponent('Hi'))) = btoa('Hi') = 'SGk='
  7. 7URL Encoded: H and i are unreserved characters → 'Hi' (unchanged)
  8. 8HTML Entities: both chars are safe ASCII (<128, not special HTML chars) → 'Hi' (unchanged)
  9. 9Hex String: '48' + '69' concatenated → '4869'
  10. 10Octal: 72 → 110, 105 → 151 → output: '110 151'
  11. 11ROT13: H (base 65, code 72) → (72-65+13)%26+65 = 20%26+65 = 85 = 'U'; i (base 97, code 105) → (105-97+13)%26+97 = 21%26+97 = 118 = 'v' → 'Uv'

Result:

UTF-8 Hex: '48 69', Binary: '01001000 01101001', UTF-16: '0048 0069', Code Points: 'U+0048 U+0069', Base64: 'SGk=', URL: 'Hi', HTML: 'Hi', Hex String: '4869', Octal: '110 151', ROT13: 'Uv'. UTF-8 byte count: 2 (same as character count for pure ASCII).

Special Characters: '<script>'

Problem:

Encode the string '<script>' to demonstrate HTML entity encoding and URL encoding for a security-sensitive input.

Solution Steps:

  1. 1Characters: < s c r i p t >
  2. 2Character codes: < = 60, s = 115, c = 99, r = 114, i = 105, p = 112, t = 116, > = 62
  3. 3UTF-8 Hex: 3C 73 63 72 69 70 74 3E (all single-byte ASCII characters)
  4. 4HTML Entities: '<' has charCode 60 which matches /[<>&"']/ regex → &#60;; '>' is 62, also matches → &#62;; letters s,c,r,i,p,t are safe ASCII → unchanged. Full result: &#60;script&#62;
  5. 5URL Encoded: encodeURIComponent('<script>') → '%3Cscript%3E' (< becomes %3C, > becomes %3E)
  6. 6Base64: btoa('<script>') = 'PHNjcmlwdD4='
  7. 7ROT13: < and > are not letters, unchanged; 'script' rotated: s→f, c→p, r→e, i→v, p→c, t→g → 'fpevtc'. Full ROT13: '<fpevtc>'

Result:

HTML Entities output is '&#60;script&#62;' — safe to insert into HTML without triggering script execution. URL Encoded output is '%3Cscript%3E'. This demonstrates how the encoding calculator directly supports XSS prevention analysis. UTF-8 byte count: 8.

Emoji: '😀'

Problem:

Encode the grinning face emoji (U+1F600) to show the difference between UTF-8 bytes, UTF-16 surrogate pairs, and code points.

Solution Steps:

  1. 1The emoji 😀 has Unicode code point U+1F600 (decimal 128512)
  2. 2UTF-8 encoding: U+1F600 falls in the 4-byte range (U+10000–U+10FFFF). TextEncoder produces bytes: F0 9F 98 80
  3. 3Verify: 0x1F600 = 0001 1111 0110 0000 0000; split across 4-byte pattern 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx → 11110000 10011111 10011000 10000000 → F0 9F 98 80
  4. 4UTF-8 Binary: 11110000 10011111 10011000 10000000
  5. 5UTF-16: U+1F600 is above U+FFFF so JavaScript represents it as a surrogate pair. charCodeAt(0) = 0xD83D (55357), charCodeAt(1) = 0xDE00 (56832) → UTF-16 Hex: 'D83D DE00'
  6. 6Unicode Code Points: codePointAt(0) = 0x1F600 → 'U+1F600'
  7. 7Base64: btoa(unescape(encodeURIComponent('😀'))) = 'n9+YgA==' (Base64 of the UTF-8 bytes)
  8. 8URL Encoded: encodeURIComponent('😀') = '%F0%9F%98%80' (percent-encodes each of the 4 UTF-8 bytes)

Result:

UTF-8 produces 4 bytes (F0 9F 98 80), UTF-16 shows a surrogate pair (D83D DE00), the code point is U+1F600, and URL encoding percent-encodes all 4 bytes as '%F0%9F%98%80'. The UTF-8 byte count is 4 while the code point count is 1, illustrating the character-vs-byte distinction.

Tips & Best Practices

  • Use the 'Sample Text' button to load 'Hello World! 🌍' — it tests both ASCII and multi-byte emoji encoding in one shot.
  • When debugging URL issues, check both the URL Encoded and HTML Entities rows: a URL in an HTML attribute needs both encodings applied.
  • The UTF-8 byte count is what matters for network payload size and database storage limits, not the JavaScript character count.
  • Click any encoding row to instantly copy the result — no need to select and drag across monospaced output text.
  • For security code reviews, paste user input into the HTML Entities row to verify that dangerous characters like < > & are properly encoded.
  • ROT13 applied twice always returns the original text — use the calculator to verify this by encoding the ROT13 output a second time.
  • The difference between code point count and character count reveals how many supplementary (4-byte) characters are in your string.
  • Base64 output always ends with = or == padding when the input byte length is not a multiple of 3.
  • For API payloads that transmit binary data, prefer Base64 over hex strings — Base64 is 33% larger but far more compact than hex (which is 100% larger than the original).

Frequently Asked Questions

Both UTF-8 and UTF-16 are variable-width encodings of the Unicode character set, but they use different base unit sizes. UTF-8 uses 8-bit (one-byte) code units and represents ASCII characters in a single byte, making it very efficient for English text and backward-compatible with ASCII. UTF-16 uses 16-bit (two-byte) code units and represents most common characters (the Basic Multilingual Plane) in exactly two bytes, but requires a surrogate pair (four bytes total) for supplementary characters like most emoji. JavaScript strings are stored in UTF-16 internally, which is why string.length counts 2 for a single emoji. UTF-8 is the standard for web pages, files, and network protocols; UTF-16 is common in Windows APIs, Java strings, and older Microsoft formats.
No, Base64 is purely an encoding scheme, not encryption. Anyone who receives a Base64-encoded string can decode it immediately with no key or password — the algorithm is completely public and reversible. Base64 transforms binary data into a safe printable ASCII representation to facilitate transmission through text-based systems like email or JSON. If you need to protect data from unauthorized access, you must use an actual cryptographic algorithm such as AES, RSA, or ChaCha20. Using Base64 to obscure sensitive data is a common security mistake.
URL encoding (percent encoding) should be applied when embedding data in a URL — specifically in query string parameter values, path segments, or form data submitted via GET. HTML entity encoding should be applied when embedding data inside HTML markup — in element content, attribute values, or anywhere in the HTML parse context. These are completely separate encoding contexts: a string that is properly URL-encoded may still require HTML-entity-encoding before being rendered in a page, and vice versa. Mixing up these contexts is a common source of both display bugs and security vulnerabilities.
JavaScript (and Java) use UTF-16 for internal string storage. Unicode characters above U+FFFF — which includes most emoji, many historic scripts, and some less common CJK characters — are represented using two UTF-16 code units called a surrogate pair. JavaScript's string.length property counts UTF-16 code units, so a single emoji contributes 2 to the length. The code point count uses the for...of iterator (or codePointAt()), which correctly groups surrogate pairs and counts the emoji as 1 character. The code point count is the number most people mean when they say 'number of characters'.
ROT13 is a trivial letter-substitution cipher where each letter is replaced by the letter 13 positions later in the alphabet. Because the alphabet has 26 letters, applying ROT13 twice always returns the original text. It is most commonly used in online communities (especially Usenet and Reddit) to hide spoilers, puzzle solutions, and mildly offensive jokes so that readers must make a deliberate action to reveal the content. ROT13 provides absolutely no security — it is instantly reversible by anyone — but it fulfills its intended purpose as a simple opt-in content reveal mechanism.
The browser's built-in btoa() function only accepts strings where every character has a code point of 255 or less (Latin-1 range). If you pass a string containing multi-byte Unicode characters directly, btoa() throws an error. The workaround is to first convert the string to a UTF-8 percent-encoded representation using encodeURIComponent(), then decode the percent-escaping back to raw bytes using unescape() — this converts each %XX sequence to the actual byte value — and finally pass that Latin-1 byte string to btoa(). The result is the Base64 encoding of the UTF-8 byte representation of the original text.
For Base64, use atob() in the browser or a Base64 decode library in any language. For URL encoding, use decodeURIComponent(). For HTML entities, a DOM parser or HTML entity library will decode them. For UTF-8 hex, convert each two-character hex pair back to a byte and pass the byte array to new TextDecoder().decode(). For ROT13, simply apply ROT13 again to the encoded text — since applying it twice returns the original. The encoding calculator currently shows the forward direction only; for decode workflows, use the paired decoder tools such as the Base64 Decoder or URL Decoder.

Sources & References

Last updated: 2026-06-05

💡

Help us improve!

How would you rate the Encoding Calculator?

<>

Editorial Note

MyCalcBuddy Editorial Team

This page is maintained as an educational calculator reference.

Source

Formula Source: Standard Mathematical References

by Various

UpdatedLast reviewed: May 2026
CheckedFormula checks are based on standard references and internal QA review.