Is my data sent anywhere?

No. Every hash is computed inside your browser tab using the Web Crypto API (for SHA) and a self-contained MD5 implementation. Nothing is uploaded. Open the Network tab in your developer tools and click Hash - you will see zero outgoing requests.

Why is MD5 marked "not for security use"?

MD5 was broken as a cryptographic primitive in the early 2000s: collisions can be produced intentionally, and its digest is too short to resist GPU-based brute-force on stolen password databases. It remains useful for integrity checks when a dedicated attacker is not the threat model (for example, checking that a download was not corrupted in transit), but never for password storage or digital signatures.

Which algorithm should I use for passwords?

None of the algorithms here. General-purpose hashes are deliberately fast, which makes them efficient for brute-force attacks. For passwords, use a memory-hard function: bcrypt, scrypt, Argon2id, or PBKDF2 with a high iteration count. Those are typically configured on the server side, not in the browser.

How do I verify a file download?

Switch to File mode, drop your downloaded file, and compare the SHA-256 or SHA-512 hex output against the checksum published by the software vendor. If they match, the file arrived intact and was not tampered with in transit.

Hash Generator - MD5, SHA-1, SHA-256, SHA-384, SHA-512

How the hashing works

Everything happens inside your browser tab. For the SHA family (SHA-1, SHA-256, SHA-384, SHA-512), this tool delegates to the browser's built-in Web Crypto API - crypto.subtle.digest: which is backed by your operating system's native cryptographic library. For MD5, a self-contained TypeScript implementation is used because MD5 is not available in the Web Crypto API. Neither path sends any data to a server.

File hashing reads the entire file into memory as an ArrayBuffer and passes it to the same hash functions. This means very large files (hundreds of megabytes) will consume proportional RAM. The tool shows a warning when files approach that size.

Choosing the right algorithm

For new uses where you control both ends, prefer SHA-256 or SHA-512. Both are collision-resistant, widely supported, and recommended by NIST for general-purpose integrity and fingerprinting.

SHA-1 was retired for most security purposes after demonstrated collision attacks in 2017 (SHAttered). It still appears in older systems (Git, some TLS certificates issued before 2017) and is included here for compatibility checking.

MD5 is included because it remains the most common checksum format for mirror-distributed software packages. Never use it for security-sensitive purposes, only for detecting accidental data corruption.

Verifying a downloaded file

Software vendors publish expected checksums alongside download links. To verify a file: switch to File mode, pick the algorithm the vendor used (usually SHA-256 or SHA-512), drop or browse to the downloaded file, and copy the hex output. Compare it character-by-character against the published value. A mismatch indicates corruption or substitution in transit.

Hex versus Base64

Both encodings represent the same underlying bytes. Hex is more readable and is the standard format in most developer and security tools. Base64 is about 33% shorter and is common in HTTP headers, JWT tokens, and configuration files that need compact, printable representations.

Hash collision resistance

A hash collision occurs when two different inputs produce the same hash output. For a hash function to be cryptographically secure, collisions must be computationally infeasible to find:

MD5: practical collisions demonstrated since 2004; should never be used for security purposes.
SHA-1: the SHAttered attack (Google/CWI, 2017) produced the first SHA-1 collision, costing approximately $110,000 in cloud compute. Retired by NIST and browser vendors.
SHA-256 / SHA-3: currently collision-resistant; no known practical attacks against the full cipher.

Password hashing vs. data hashing

This tool uses general-purpose hash functions (SHA-256, SHA-512). These are designed to be fast - which is ideal for integrity checking but dangerous for password storage. Fast hashes allow an attacker to compute billions of guesses per second with a GPU. For passwords, always use a purpose-built password hashing algorithm: bcrypt, Argon2, or scrypt. These are intentionally slow and memory-hard, making brute-force attacks impractical.