Hash Generator
Generate MD5, SHA1, SHA256 and SHA512 hashes from any text string, entirely in your browser.
Hash values
| Algorithm | Hash |
|---|
About the Hash Generator
A cryptographic hash function takes any input (text, a file, a password) and produces a fixed-length output called a hash or digest. Hash functions are one-way: it is computationally infeasible to reverse a hash back to its original input. Even a tiny change in input produces a completely different hash — a property known as the avalanche effect.
Hash algorithm comparison
- MD5 (128-bit) — Fast, but cryptographically broken. Known collision vulnerabilities mean two different inputs can produce the same hash. Not suitable for security purposes, but still used for non-security checksums and file fingerprinting.
- SHA-1 (160-bit) — Also deprecated for security use since 2017 due to demonstrated collision attacks (SHAttered). Avoid for signatures, certificates, or password storage.
- SHA-256 (256-bit) — Part of the SHA-2 family. Widely used and currently considered secure. Used in TLS, code signing, Bitcoin, and most modern security applications.
- SHA-512 (512-bit) — Also SHA-2 family. Provides a larger digest and is faster than SHA-256 on 64-bit platforms for large inputs.
Common use cases
- File integrity verification — Publishing a SHA-256 hash alongside a download lets users verify the file hasn't been tampered with.
- Data deduplication — Identifying duplicate files or data blocks by comparing hashes.
- Digital signatures — Signing the hash of a document is faster than signing the document itself.
- Checksums in APIs — Verifying payloads haven't been altered in transit.
Hashing vs encryption
Hashing is one-way and cannot be reversed. Encryption is two-way — data can be decrypted back to plaintext with the right key. Use hashing to verify integrity; use encryption to protect confidentiality. Never "hash" passwords with MD5 or SHA — use a proper password hashing function like bcrypt instead.
Frequently asked questions
What is a hash?
A cryptographic hash is a fixed-length fingerprint of any input. The same input always produces the same hash, but it is computationally infeasible to reverse a hash back to the original input.
Which hash algorithm should I use?
Use SHA256 or SHA512 for security-sensitive applications. MD5 and SHA1 are considered cryptographically broken and should only be used for checksums or non-security purposes.
Are hashes calculated in my browser?
Yes. SHA1/SHA256/SHA512 use the Web Crypto API built into your browser. MD5 is computed using a JavaScript implementation. Nothing is sent to the server.