Hash Generator
Generate SHA-256, SHA-384, SHA-512, and SHA-1 hashes from any text. 100% browser-based, no data sent.
Enter text to generate its cryptographic hash using SHA-256, SHA-384, SHA-512, or SHA-1.
Use the output as a checksum or digest, not as encryption. For passwords, use a dedicated password-hashing algorithm such as Argon2, bcrypt, or scrypt instead of plain SHA hashes.
0 characters
Good to know before you copy a hash
A hash is a fingerprint for the exact text you entered. Spaces, line endings, capital letters, and invisible characters all change the digest.
Check the exact input
A trailing space after a filename or token produces a different SHA-256 value.
Prefer SHA-256 for checksums
SHA-256 is a practical default for file integrity and API digest checks.
Treat SHA-1 as legacy
SHA-1 remains useful for comparing old values, but not for new security decisions.
Do not paste secrets casually
Hashing runs in the browser, but you should still avoid placing live passwords or private keys in tools unless you need to.
What Is a Hash and Why Does It Matter?
A hash function takes any input, a password, a file, an entire database, and produces a fixed-length string of characters. The same input always produces the same hash. Change even one character, and the output changes completely. It's a digital fingerprint.
Think of it like a blender: you can turn a banana into a smoothie, but you can't turn the smoothie back into a banana. That one-way property is what makes hashes useful for security. You can verify that someone knows a password without ever storing the password itself.
Hashes are everywhere in software: password storage, file integrity checks, digital signatures, blockchain, caching, and data deduplication. If you're building anything that touches security or data integrity, you'll encounter hash functions daily.
Hash Algorithm Comparison
| Algorithm | Output Size | Security | Use Case |
|---|---|---|---|
| MD5 | 128 bits (32 hex) | Broken, collisions found | Checksums only, never for security |
| SHA-1 | 160 bits (40 hex) | Broken, collision demonstrated in 2017 | Legacy systems, Git (moving away) |
| SHA-256 | 256 bits (64 hex) | Secure, no known vulnerabilities | Digital signatures, certificates, blockchain |
| SHA-384 | 384 bits (96 hex) | Secure | TLS certificates, high-security applications |
| SHA-512 | 512 bits (128 hex) | Secure | File integrity, digital signatures |
| bcrypt | 184 bits | Secure + slow (by design) | Password hashing (preferred) |
What this means for you: Use SHA-256 for general-purpose hashing and integrity checks. For passwords, use bcrypt, scrypt, or Argon2, they're deliberately slow to resist brute-force attacks. Never use MD5 or SHA-1 for anything security-related.
Hash Properties That Matter
| Property | What It Means | Why It Matters |
|---|---|---|
| Deterministic | Same input always produces same output | You can verify data hasn't changed |
| Fixed output size | Any input produces the same length hash | Consistent storage and comparison |
| Avalanche effect | Tiny input change = completely different hash | Can't guess the input from a similar one |
| Pre-image resistant | Can't reverse the hash to find the input | Passwords stay protected |
| Collision resistant | Extremely hard to find two inputs with the same hash | Each "fingerprint" is effectively unique |
Common Hash Use Cases
Password storage
Never store passwords in plain text. Hash them with bcrypt/Argon2 + a unique salt per user. When a user logs in, hash their input and compare. If the database leaks, attackers only get hashes.
File integrity verification
Download a file and its SHA-256 hash separately. Hash the downloaded file locally and compare. If they match, the file wasn't corrupted or tampered with during transfer.
Content-based caching
Hash the content of a file and use that hash in the filename (style.a1b2c3.css). When content changes, the hash changes, breaking the cache. When it doesn't change, the cache persists.
Data deduplication
Hash each file or data chunk. If two hashes match, the data is (almost certainly) identical. This is how backup systems and cloud storage avoid storing duplicate copies.
Why Salting Matters for Passwords
Without a salt, identical passwords produce identical hashes. If two users both choose "password123", their hashes are the same, an attacker who cracks one has cracked both. Pre-computed tables (rainbow tables) contain millions of common password hashes, making unsalted hashes trivial to reverse.
A salt is a unique random string added to each password before hashing. "password123" + "x7Kf9" and "password123" + "mP2qR" produce completely different hashes. Even identical passwords end up with unique hashes. This is why bcrypt and Argon2 automatically generate and store a unique salt per user, you don't have to manage it yourself.
Worked Hashing Example
Suppose you publish a small configuration file and want people to check that it has not changed in transit. You can hash the exact file contents and publish the SHA-256 digest alongside the download.
Input text
release=2026-06-09 region=uk channel=stable
What to compare
Generate SHA-256 for the original text, then generate it again after download. Matching digests mean the bytes are the same.
Be strict about line endings and spaces. A Windows CRLF line ending, a Unix LF line ending, and a trailing blank line all create different byte sequences and therefore different hashes.
Common Hashing Mistakes
Hashing the wrong representation
Hashing copied text is not always the same as hashing a file. File metadata is usually excluded, but encoding and line endings still matter.
Using SHA-1 for new security work
SHA-1 is retained for legacy comparison only. New integrity checks should use a stronger SHA-2 digest such as SHA-256.
Treating a hash as encryption
A hash does not hide data in a recoverable form. It produces a fingerprint for comparison.
Hashing passwords too quickly
Fast hashes are useful for integrity checks. Password storage needs slow, salted password-hashing algorithms.
Related Tools
How to use this tool
Enter or paste text into the input field
Click Generate Hashes to compute all algorithms at once
Copy any individual hash value to your clipboard
Common uses
- Generating file checksums for integrity verification
- Creating content hashes for cache busting
- Comparing SHA-256 digests for downloaded files
- Computing hashes for API authentication signatures
Share this tool
Frequently Asked Questions
What hash algorithms are supported?
Is my data sent anywhere?
What is a cryptographic hash?
Which algorithm should I use?
Is MD5 supported?
Can I reverse a hash to get the original text?
What's the difference between hashing and encryption?
How do I verify a file's integrity with a hash?
Why does SHA-256 always produce 64 characters?
Should I use SHA-256 for password storage?
What is a salt in hashing?
How are hashes used in blockchain?
Results are for general informational purposes only and should be checked before use. They are not professional advice. See our Disclaimer and Terms of Service.