Hash Generator
Compute MD5, SHA-1, SHA-256, SHA-384, and SHA-512 hashes of any text or file. Everything runs locally in your browser.
Files are processed in your browser. Nothing is uploaded.
What is a hash?
A cryptographic hash is a fixed-size digest of arbitrary input. The same input always produces the same digest, but even a one-character change produces a completely different digest. Good hashes are also one-way — there's no efficient method to recover the input from the output.
When to use which algorithm
| Algorithm | Output | Use it for | Don't use it for |
|---|---|---|---|
| MD5 | 128 bit | Checksums, deduplication, file fingerprinting | Anything security-related |
| SHA-1 | 160 bit | Legacy compatibility (Git, older systems) | New cryptographic uses |
| SHA-256 | 256 bit | TLS certificates, Bitcoin, signatures, modern security | Password storage (use bcrypt/argon2 instead) |
| SHA-384 | 384 bit | Higher-security signing, NSA Suite B | — |
| SHA-512 | 512 bit | Long-term archival hashing, password derivation | — |
Verifying file integrity
Many software downloads publish a SHA-256 hash alongside the file. After downloading, hash the file with this tool and compare the result to the published value. If they match, the file is byte-for-byte identical to what the publisher intended; if not, the file is corrupted or tampered with.
Frequently asked questions
Why does my hash differ from another tool's output?
The most common cause is a trailing newline in your input. Many command-line tools add one when echoing text. To match echo "hello" from the shell, your input must be hello followed by a newline. Use echo -n "hello" for no newline.
Can I hash very large files?
Yes — files are read in chunks using the browser's streaming API for SHA variants. MD5 currently reads the whole file into memory, which works fine up to a few hundred megabytes on most machines.
Should I use this for passwords?
No. Plain hashes are too fast — modern GPUs can compute billions of SHA-256 hashes per second, making brute-force feasible. Use bcrypt, scrypt, or argon2id (with a random per-user salt) for password storage.