Hash Generator (MD5, SHA-1/256/384/512)
Compute MD5, SHA-1, SHA-256, SHA-384, SHA-512 hashes of text or files. Hex or Base64 output. Browser-only.
MD5 and SHA-1 are cryptographically broken: fine for non-security checksums, never for passwords or signatures. Use SHA-256+ for anything security-related.
Runs entirely in your browser. Your input never leaves your device.
How it works
What hashing actually does
A hash function takes any input and produces a fixed-size output. The output looks random but is fully deterministic — same input always produces the same hash. Good hashes have three properties: pre-image resistance (given a hash, you can't reverse it to the input), collision resistance (you can't find two inputs that produce the same hash), and avalanche (one bit changed in the input flips ~half the bits in the output).
What hashing is not: encryption. There is no key. There is no "decrypting" a hash. If someone tells you they're "encrypting passwords with SHA-256", they are misusing both terms and probably also their authentication system.
The five algorithms in this tool
| Algorithm | Output size | Safe for security in 2026? | Use for |
|---|---|---|---|
| MD5 | 128 bits | No | Non-security checksums (file dedup, cache keys) |
| SHA-1 | 160 bits | No | Legacy compatibility only |
| SHA-256 | 256 bits | Yes | Default for new code |
| SHA-384 | 384 bits | Yes | Compliance regimes that mandate it |
| SHA-512 | 512 bits | Yes | When you need more output size (rare) |
MD5 and SHA-1 are broken for cryptographic uses because collision attacks against them are practical. They are not broken for non-security uses like detecting accidental file corruption or generating cache keys, where an attacker isn't actively trying to construct collisions.
The mistake: hashing passwords with SHA-256
Every backend developer has done this once and learned not to:
// DON'T
const hashed = sha256(password);
SHA-256 is fast — a modern GPU can compute billions per second. That's exactly what you don't want for password storage, because an attacker who steals your database can brute-force the hashes at the same speed.
Use password hashing functions designed to be slow:
- bcrypt — old standard, well-understood, fine for most cases
- scrypt — memory-hard, harder to GPU-attack than bcrypt
- Argon2id — current state of the art, winner of the Password Hashing Competition
These take ~100ms to compute, which is invisible to a user logging in but catastrophic for an attacker trying billions of guesses. Use a library: argon2 (Node), bcrypt (Python/Go/etc.), or your framework's built-in. Never call SHA-256 on a password.
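The contrast above as an added example (not code from this tool): the fast, unsalted SHA-256 call next to a salted, deliberately slow alternative using scrypt from Node's built-in crypto module. The cost parameters, the `scrypt$N$r$p$salt$key` record layout and the function names are assumptions made for illustration.

```javascript
// Added example: fast unsalted hash vs. salted scrypt (Node built-in crypto).
const crypto = require('node:crypto');

// The anti-pattern from the page: one fast, unsalted SHA-256 call.
function fastHash(password) {
  return crypto.createHash('sha256').update(password).digest('hex');
}

// Assumed cost parameters, chosen for illustration; tune on your own hardware.
const PARAMS = { N: 2 ** 15, r: 8, p: 1, keylen: 32 };
const MAXMEM = 64 * 1024 * 1024; // scrypt needs about 128*N*r bytes (32 MiB here)

// Returns "scrypt$N$r$p$salt$key" so the parameters travel with the hash.
function hashPassword(password) {
  const { N, r, p, keylen } = PARAMS;
  const salt = crypto.randomBytes(16); // unique per password
  const key = crypto.scryptSync(password, salt, keylen, { N, r, p, maxmem: MAXMEM });
  return ['scrypt', N, r, p, salt.toString('base64'), key.toString('base64')].join('$');
}

function verifyPassword(password, stored) {
  const parts = String(stored).split('$');
  if (parts.length !== 6 || parts[0] !== 'scrypt') return false;
  const [N, r, p] = parts.slice(1, 4).map(Number);
  if (![N, r, p].every((v) => Number.isInteger(v) && v > 0)) return false;
  const salt = Buffer.from(parts[4], 'base64');
  const expected = Buffer.from(parts[5], 'base64');
  // Reject truncated records: two empty buffers would compare as equal.
  if (expected.length !== PARAMS.keylen) return false;
  let actual;
  try {
    actual = crypto.scryptSync(password, salt, expected.length, { N, r, p, maxmem: MAXMEM });
  } catch {
    return false; // corrupt or unsupported parameters in the stored record
  }
  return crypto.timingSafeEqual(actual, expected); // constant-time compare
}
```

Because `fastHash` is unsalted, identical passwords give identical database values; `hashPassword` gives a different record each time.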
HMAC — keyed hashing
HMAC ("Hash-based Message Authentication Code") combines a hash with a secret key. The verifier needs the same key to confirm the signature. Common uses:
- Webhook signatures (Stripe, GitHub, etc. use HMAC-SHA-256)
- API request signing (AWS SigV4 derivatives)
- JWT HS256 (this is just HMAC-SHA-256 over the header+payload)
For HMAC, the algorithm matters less than the key length and secrecy. HMAC-SHA-256 with a 32-byte random key is unbroken; HMAC-MD5 with a 16-byte key is still unbroken (the MD5 collision attack doesn't translate to HMAC). Still, use SHA-256 or higher for new code.
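An added example (not code from this tool) of the two HMAC uses listed above, using Node's built-in crypto module: verifying a webhook signature over the raw body, and showing that a JWT HS256 signature is HMAC-SHA-256 over the `header.payload` string. The function names and the hex-encoded signature format are assumptions; real providers document their own header names and encodings.

```javascript
// Added example: HMAC-SHA-256 for webhook signatures and JWT HS256.
const crypto = require('node:crypto');

function hmacSha256(key, message) {
  return crypto.createHmac('sha256', key).update(message).digest();
}

// Constant-time comparison; timingSafeEqual throws on unequal lengths,
// so the length is checked first.
function macEquals(a, b) {
  return a.length === b.length && crypto.timingSafeEqual(a, b);
}

// Webhook check: MAC the raw request body exactly as received, then compare
// with the hex signature taken from the (hypothetical) signature header.
function verifyWebhook(secret, rawBody, signatureHex) {
  const given = Buffer.from(String(signatureHex), 'hex');
  return macEquals(given, hmacSha256(secret, rawBody));
}

const b64url = (data) => Buffer.from(data).toString('base64url');

// JWT HS256: the third segment is HMAC-SHA-256 over "header.payload".
function signHS256(secret, payload) {
  const header = { alg: 'HS256', typ: 'JWT' };
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(payload))}`;
  return `${input}.${hmacSha256(secret, input).toString('base64url')}`;
}

// Returns the payload object if the MAC verifies, otherwise null.
function verifyHS256(secret, token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [h, p, sig] = parts;
  let header;
  try {
    header = JSON.parse(Buffer.from(h, 'base64url').toString());
  } catch {
    return null;
  }
  // Pin the algorithm: the token must not choose how it is verified.
  if (header?.alg !== 'HS256') return null;
  const ok = macEquals(Buffer.from(sig, 'base64url'), hmacSha256(secret, `${h}.${p}`));
  return ok ? JSON.parse(Buffer.from(p, 'base64url').toString()) : null;
}
```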
File hashing
This tool reads files into memory and hashes them — fine for files up to a few hundred MB on a typical machine. For multi-GB files, use a streaming CLI like shasum -a 256 file.bin (macOS/Linux) or Get-FileHash (PowerShell). Streaming avoids loading the whole file at once.
The hashes produced here match what your CLI tool will give you. Useful for verifying downloads — find the publisher's published hash, then compute the same algorithm here and compare.
Hex vs Base64 output
Same hash, different display. Hex is universal but verbose (SHA-256 = 64 chars). Base64 is shorter (SHA-256 = 44 chars) and appears in things like Subresource Integrity attributes. Switch the toggle above.
Privacy
All computation happens in your browser. The SHA family is computed with the native WebCrypto API (crypto.subtle.digest); MD5 uses the open-source js-md5 library. No request to our server is ever made.
Related tools
- Password Generator — generate a strong random string (which you then hash with bcrypt/argon2, never raw SHA).
- UUID Generator — when you need a unique ID, not a hash.
FAQ
Should I hash passwords with SHA-256?
No. SHA-256 is too fast — an attacker with a stolen database can brute-force billions of password guesses per second. Use a slow password hashing function (Argon2id, bcrypt, scrypt) via a library. SHA-256 is for data integrity, not password storage.
Is MD5 secure?
For data integrity against accidental corruption: fine. For anything where an attacker might construct collisions (signatures, certificates, cryptographic uses): broken since 2004. Don't use for new security code.
What's the difference between SHA-256 and SHA-3?
Both are modern and secure. SHA-256 is part of the SHA-2 family, widely deployed since 2001. SHA-3 (Keccak) was standardized later as a backup with a fundamentally different construction. SHA-256 is the practical default; SHA-3 is fine when specifically required.
Why does the same input always produce the same hash?
That's the definition of a hash function — deterministic. If you want different outputs for the same input, you want HMAC (add a secret key) or just append a random salt before hashing.
What about hash collisions?
For SHA-256, the probability of finding any two inputs that collide is so low (1 in 2^128 for a birthday attack) that it has never been observed. For MD5, collisions can be constructed in minutes on a laptop. SHA-1 collisions cost about $110k of GPU time as of 2017.
HMAC vs plain hash?
Plain hash: anyone can compute it from the same input. HMAC: requires a shared secret key, so it also authenticates that the message came from someone with the key. Use HMAC for webhook signatures, API request signing, and JWT HS256.
Does file hashing work on large files?
Up to a few hundred MB comfortably. Beyond that, the browser loads the whole file into memory which gets slow. For multi-GB files, prefer a streaming CLI: shasum -a 256 (Unix) or Get-FileHash (PowerShell).