Hash Generator

Used 7,600 times

Enter any text or upload a file and generate MD5, SHA-1, SHA-256, and SHA-512 hashes instantly. Everything runs in your browser — nothing is sent to a server.

Input Text0 chars

Latest Security articles

Hash Generator Online – MD5, SHA256 Tool Guide
Learn how cryptographic hash functions work, when to use MD5 vs SHA-256, and how to generate and verify hashes instantly in your browser — no install required.
HMAC SHA-256 Generator – Sign and Verify Webhook Payloads
Learn how HMAC-SHA256 signatures work, how to generate and verify them for webhook security, and why HMAC provides authenticity guarantees that plain SHA-256 cannot.
JWT Audience Claim Validator – Lock Down Resource Access
Learn how to validate the JWT aud claim to prevent tokens from being accepted by unintended services. Decode and inspect audience claims without exposing private keys.

What is a Cryptographic Hash?

A cryptographic hash function takes any input and produces a fixed-size digest. The same input always produces the same hash; even a one-character change produces a completely different output. Hashes are one-way — you cannot reconstruct the original input from the hash. They are used to verify file integrity, store passwords, and generate checksums.

How to Use

Type or paste text into the input box — hashes update automatically.
Or click Upload File to hash any local file (the file is never sent to a server).
MD5, SHA-1, SHA-256, and SHA-512 are all computed simultaneously.
Click the copy icon next to any hash to copy it to the clipboard.

Common Use Cases

File integrity — Verify a downloaded binary by comparing its SHA-256 against the publisher's checksum.
Content addressing — Generate a deterministic ID for a piece of content (used in Git, IPFS, and caching layers).
API signatures — Many webhook systems sign payloads with HMAC-SHA256; verify the hash matches.
Deduplication — Hash files or records to detect duplicates without comparing full content.

FAQs

Which hash algorithm should I use?

Use SHA-256 or SHA-512 for security-sensitive purposes. MD5 and SHA-1 are broken for collision resistance and should only be used for legacy compatibility or non-security checksums.

Can I use this to hash passwords?

No. Raw SHA-256 is too fast — attackers can brute-force it. Use a dedicated password hashing algorithm like bcrypt, scrypt, or Argon2 on your server instead.

Does the tool handle binary files correctly?

Yes. File uploads are read as ArrayBuffer and hashed on the raw bytes — the same bytes that would be hashed by sha256sum on the command line.