Hash Generator
Generate cryptographic hashes (MD5, SHA-1, SHA-256, SHA-512) from text. Free, secure, and instant - all processing in your browser.
A hash generator takes any text input and produces a fixed length string called a hash. No matter how long or short your input is, the output is always the same length for a given algorithm. Type the same text twice and you will always get the same hash. Change even a single character and the output changes completely.
This tool supports four algorithms: MD5, SHA-1, SHA-256, and SHA-512. All hashing runs in your browser using the Web Crypto API, so your input never leaves your device.
How Does Hashing Work?
A cryptographic hash function takes your input and runs it through a mathematical process that produces a unique fingerprint. That fingerprint is the hash.
Three properties make hashing useful in security and development:
It is one way. You can generate a hash from text, but you cannot reverse the process to get the original text back from the hash. This is what separates hashing from encoding schemes like Base64, which can be reversed by anyone.
It is deterministic. The same input always produces the same hash. This is what makes hashing useful for verification. If two hashes match, the inputs were identical.
It is sensitive to change. Alter a single character in the input and the output hash changes entirely. This property is called the avalanche effect, and it is what makes hashing reliable for detecting tampering.
Which Algorithm Should You Use?
The tool generates hashes for all four algorithms at once, but it helps to understand what each one is for.
MD5 produces a 128-bit hash and is extremely fast. It was widely used for checksums and password storage in the past, but cryptographic weaknesses were discovered and it is no longer considered secure for anything sensitive. It still appears in legacy systems and is sometimes used for non-security purposes like detecting duplicate files.
SHA-1 produces a 160-bit hash and was the successor to MD5. It has also been deprecated for security use after collision vulnerabilities were demonstrated. You may still encounter it in older SSL certificates and Git commit identifiers, but it should not be used for new security implementations.
SHA-256 is part of the SHA-2 family and produces a 256-bit hash. It is the current industry standard and is used extensively across web security, including TLS certificates, code signing, and password hashing. If you are not sure which algorithm to use, SHA-256 is the right choice for most purposes.
SHA-512 also belongs to the SHA-2 family and produces a 512-bit hash. It offers a larger output size and can be faster than SHA-256 on 64-bit systems. It is well suited to situations where maximum collision resistance is a priority, such as signing large files or high security data storage.
Common Uses for Hashing
Password storage. Databases should never store passwords in plain text. Instead, the password is hashed before storage. When a user logs in, their input is hashed and compared to the stored hash. A breach of the database exposes only the hashes, not the passwords themselves.
File integrity verification. Software downloads often come with a published SHA-256 hash. After downloading, you can hash the file yourself and compare it to the published value. If they match, the file has not been modified or corrupted in transit.
Digital signatures. When signing a document or piece of code, the hash of the content is what gets signed rather than the content itself. This keeps the signature small regardless of how large the original file is.
Data deduplication. Storage systems use hashing to detect duplicate files. If two files produce the same hash they are identical, so only one copy needs to be kept.
Checksums. Hashes are used as checksums in databases, APIs, and caching systems to detect whether data has changed since it was last processed.
Hashing vs Encryption vs Encoding
These three terms are often confused but they are fundamentally different.
Hashing is one way. You cannot reverse a hash to get the original input. It is used to verify data, not protect it for later retrieval.
Encryption is two way. Encrypted data can be decrypted with the right key. It is used when you need to store or transmit data securely and retrieve it later.
Encoding such as Base64 has no security purpose at all. It is simply a format conversion and can be reversed by anyone instantly.