
Hash Generator

Compute MD5, SHA-1, SHA-256, and SHA-512 hashes instantly in your browser. Paste any text and copy the hex digest. No data leaves your machine.

TL;DR. Paste any text above and all four hash digests update in real time. Use SHA-256 for new work — it is the secure default. MD5 and SHA-1 are shown for legacy compatibility only; both have known collision vulnerabilities. If you need to hash passwords, do not use this tool — use bcrypt or argon2id instead (see FAQ below).


Choosing the right hash algorithm

Not all hash functions are equal. The choice depends on whether you need speed (checksums), collision resistance (digital signatures), or deliberate slowness (passwords). Here is how the four algorithms in this tool compare:

  • MD5 (32 hex chars, 128 bits): Fast but cryptographically broken. Two different files can produce the same MD5 hash (a collision attack). Only use it to verify a checksum published by a legacy system that already uses MD5 — never generate new MD5 checksums for security-sensitive files.
  • SHA-1 (40 hex chars, 160 bits): Deprecated by NIST in 2011 and practically broken by the SHAttered attack in 2017. Git historically used SHA-1 for commit IDs but is migrating to SHA-256. Avoid SHA-1 for any new application.
  • SHA-256 (64 hex chars, 256 bits): The safe default for nearly all use cases today. Used in TLS certificate fingerprints, Bitcoin block headers, Docker image layer IDs, and AWS S3 content hashes. When in doubt, choose SHA-256.
  • SHA-512 (128 hex chars, 512 bits): Part of the same SHA-2 family as SHA-256 but with a larger internal state. On 64-bit processors it can actually run faster than SHA-256 because it processes 1024-bit blocks. The main use case is HMAC-SHA512 tokens where you want extra security margin.

Hash algorithms: output lengths and security status

This table covers all common algorithms you will encounter in production systems, including the password-specific hashers that should never be confused with general-purpose hash functions.

| Algorithm | Hex chars | Bits | Security status |
|---|---|---|---|
| MD5 | 32 | 128 | Broken - legacy only |
| SHA-1 | 40 | 160 | Deprecated (NIST 2011) |
| SHA-224 | 56 | 224 | Acceptable, rarely used |
| SHA-256 | 64 | 256 | Safe - recommended default |
| SHA-384 | 96 | 384 | Safe - overkill for most uses |
| SHA-512 | 128 | 512 | Safe - best for HMAC on 64-bit |
| SHA-3 (256) | 64 | 256 | Safe - different construction than SHA-2 |
| BLAKE2b | 128 | 512 | Safe - faster than SHA-512 on modern CPUs |
| BLAKE3 | 64+ | 256+ | Safe - fastest, parallelizable |
| bcrypt | 60 (base64) | N/A | Passwords only - intentionally slow |
| scrypt | variable | N/A | Passwords only - memory-hard |
| argon2id | variable | N/A | Passwords only - OWASP recommended |

Practical examples

  • Verify a downloaded file: The publisher posts a SHA-256 checksum next to the download link. After downloading, hash the file and compare the hex strings character by character. Any mismatch means the file was corrupted or tampered with. Tools: sha256sum on Linux/macOS, Get-FileHash on Windows PowerShell.
  • Sign an API webhook: GitHub and Stripe sign webhook payloads with HMAC-SHA256 using your secret key. Your server recomputes the HMAC and compares it to the signature header (X-Hub-Signature-256 for GitHub). Use a constant-time comparison function to prevent timing attacks.
  • Deduplicate file storage: Hash every uploaded file with SHA-256 and use the digest as the storage key. Files with identical content get the same key, so you only store each unique file once. This is how content-addressable storage (Git objects, IPFS, Docker layers) works.
  • Build an etag for HTTP caching: Hash the response body with SHA-256 (or MD5 for lightweight cases). Send the digest as the ETag header. On subsequent requests, if the client sends the same etag in If-None-Match and the content has not changed, return 304 Not Modified.
  • Generate a cache-busting fingerprint: Hash a CSS or JS bundle and append the first 8 hex chars to the filename: app.a1b2c3d4.js. CDNs and browsers treat this as a new file, so users always get the latest version without a hard refresh.

Security warning: never use these for password storage. MD5, SHA-1, SHA-256, and SHA-512 are designed to be fast. An attacker with a modern GPU can compute billions of SHA-256 hashes per second. A 10-character password hashed with raw SHA-256 can be cracked in minutes. For passwords, always use a purpose-built slow hash: argon2id (OWASP top recommendation), bcrypt (the established standard), or scrypt (memory-hard). These functions include automatic salting and are intentionally slow to resist brute force.

Frequently asked questions

What is a hash function and what is it used for?
A hash function takes any input and produces a fixed-length fingerprint called a digest. It is deterministic (same input always gives the same output), fast to compute, and designed so that it is practically impossible to reverse. Common uses include verifying file integrity (checking a downloaded ISO matches the publisher's published checksum), detecting accidental data corruption, building data structures like hash tables, and as a building block in digital signatures and HMAC authentication.
Which algorithm should I choose: MD5, SHA-1, SHA-256, or SHA-512?
SHA-256 is the safe default for almost everything today. MD5 produces a 32-character (128-bit) hex digest but has known collision attacks, meaning two different files can produce the same hash - it is deprecated for any security purpose and only kept here for legacy compatibility checks. SHA-1 (40 hex chars, 160 bits) was officially deprecated by NIST in 2011 and broken in practice by SHAttered in 2017 - avoid it for new work. SHA-512 (128 hex chars, 512 bits) is useful for HMAC authentication on 64-bit platforms where it can actually run faster than SHA-256. For new projects: SHA-256 for checksums and general integrity, SHA-512 for HMAC tokens where you need extra margin.
Can I use this tool to hash passwords for storage in a database?
No. Never use MD5, SHA-1, SHA-256, or SHA-512 directly for password storage. These general-purpose hash functions are designed to be fast, which makes them easy to brute-force with a GPU. For passwords, use a purpose-built slow hash: bcrypt (the standard), scrypt, or argon2id (the modern recommendation from OWASP). These functions are intentionally slow and include a salt to prevent rainbow-table attacks. This tool is for file checksums and data integrity, not password hashing.
What is a salt and why does it matter?
A salt is a random value added to the input before hashing. Without a salt, two users with the same password produce the same hash, and an attacker with a precomputed rainbow table can reverse all common passwords instantly. With a per-user random salt, every stored hash is unique, so the attacker has to crack each one individually. Purpose-built password hashers like bcrypt and argon2id handle salt generation automatically. For general data integrity hashes (file checksums) salts are not needed because you are not trying to protect the pre-image.
What is HMAC and when should I use it instead of a plain hash?
HMAC (Hash-based Message Authentication Code) combines a secret key with a hash function: HMAC-SHA256(key, message). A plain hash only proves the data has not changed accidentally. HMAC additionally proves it was produced by someone who knows the secret key, providing authenticity as well as integrity. Use HMAC when verifying API request signatures (GitHub webhooks, Stripe events), signing JWT tokens (HS256/HS512), or creating tamper-evident session tokens. HMAC-SHA256 is the standard choice; HMAC-SHA512 provides a larger security margin for sensitive long-lived tokens.
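
The webhook check described here and under "Practical examples", as an added example (not code from GitHub, Stripe or this tool). It assumes Node.js and GitHub's `sha256=<hex>` header format; the secret and payload are constructed sample values.

```javascript
const crypto = require('node:crypto');

// Constructed sample values; a real secret comes from configuration.
const SECRET = 'constructed-demo-secret';
const BODY = Buffer.from('{"action":"opened","number":1}');

// Sender side: header value is "sha256=" + hex HMAC-SHA256 of the raw body.
function signPayload(secret, rawBody) {
  const mac = crypto.createHmac('sha256', secret).update(rawBody).digest('hex');
  return `sha256=${mac}`;
}

// Receiver side: verify against the raw request bytes, not re-serialized JSON.
// Returns false for missing, malformed or mismatching signatures; never throws.
function verifySignature(secret, rawBody, header) {
  if (typeof header !== 'string') return false;
  const match = /^sha256=([0-9a-f]{64})$/i.exec(header);
  if (!match) return false;
  const received = Buffer.from(match[1], 'hex');
  const expected = crypto.createHmac('sha256', secret).update(rawBody).digest();
  // timingSafeEqual throws on unequal lengths, so guard first.
  if (received.length !== expected.length) return false;
  return crypto.timingSafeEqual(received, expected);
}

// Exercise the accept path and each reject path.
function demo() {
  const header = signPayload(SECRET, BODY);
  const altered = Buffer.from('{"action":"closed","number":1}');
  return {
    valid: verifySignature(SECRET, BODY, header),
    tamperedBody: verifySignature(SECRET, altered, header),
    wrongSecret: verifySignature('other-secret', BODY, header),
    malformed: verifySignature(SECRET, BODY, 'sha256=abc'),
    missing: verifySignature(SECRET, BODY, undefined),
  };
}

console.log(demo());
```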
Does this tool send my data to a server?
No. All hashing happens in your browser using the crypto-js library. Your input text never leaves your machine, no account is required, and the tool works offline once the page is loaded. This makes it safe to hash sensitive data like internal file contents or configuration strings for verification purposes.
