Hash Generator
Generate MD5, SHA-1, SHA-256 and SHA-512 hashes instantly.
What is a Hash and how does it work?
A hash function is a mathematical algorithm that transforms data of any size into a fixed-length string called a "digest" or "hash". The same input always produces the same hash, but it is computationally impossible to reverse the process to obtain the original text. Even a minimal change in the input (such as changing a single letter) produces a completely different hash, a property known as the "avalanche effect".
Hashes are fundamental in computer security: they are used to verify the integrity of downloaded files, securely store passwords (without saving plain text), generate digital signatures, and in technologies like blockchain and Git.
Practical use cases
File verification: When downloading software, compare the SHA-256 hash published by the author with the hash of the downloaded file to confirm it hasn't been modified.
Password storage: Modern databases never store passwords in plain text. They use salted hash functions (bcrypt, Argon2) so that even if the database is leaked, the original passwords remain secure.
Version control: Git uses SHA-1 to identify each commit, file, and branch. Each change generates a unique hash that allows tracking the complete history.
Frequently asked questions
Is MD5 secure for passwords?
No. MD5 has been considered cryptographically broken since 2004. Known collisions exist and it can be cracked in seconds with modern hardware. For passwords, use bcrypt, Argon2, or scrypt. MD5 is only useful for non-critical integrity verification.
What is a hash collision?
A collision occurs when two different inputs produce the same hash. SHA-256 has 2^256 possible values, making collisions practically impossible. MD5 (2^128) and SHA-1 (2^160) have demonstrated collisions and should not be used for security.
Can a hash be decrypted?
Technically no, since hash functions are one-way. However, dictionary attacks and rainbow tables can find the original input if it's a common password. That's why "salt" (random data) is added before hashing.
Which algorithm should I use?
For integrity verification: SHA-256. For passwords: bcrypt or Argon2. For digital signatures: SHA-256 or SHA-512 with RSA/ECDSA. Avoid MD5 and SHA-1 for any security purpose.
Algorithm comparison
| Algorithm | Length | Security | Speed |
|---|---|---|---|
| MD5 | 128 bits | Insecure | Very fast |
| SHA-1 | 160 bits | Insecure | Fast |
| SHA-256 | 256 bits | Secure | Moderate |
| SHA-512 | 512 bits | Very secure | Moderate |