Online Hash Generator — MD5, SHA-256, SHA-512

• Generates MD5, SHA-1, SHA-256, SHA-384, and SHA-512 hashes
• Hash functions are one-way — you cannot reverse a hash to get the original text
• SHA-256 produces a 64-character hex string from any input
• MD5 and SHA-1 are considered weak — use SHA-256 or SHA-512 for security
• Same input always produces the same hash (deterministic)

Use Cases

Frequently Asked Questions

What is the difference between MD5, SHA-1, and SHA-256?

MD5 produces a 128-bit (32-char) hash, SHA-1 produces 160-bit (40-char), and SHA-256 produces 256-bit (64-char). MD5 and SHA-1 have known collision vulnerabilities; SHA-256 is recommended for security.

Is hashing the same as encryption?

No. Hashing is a one-way function — you cannot recover the original text from a hash. Encryption is reversible with the correct key.

Can I reverse a SHA-256 hash to get the original text?

No. Cryptographic hashes are designed to be irreversible. You can only verify by hashing the same input and comparing results.

Why does changing one character completely change the hash?

This is called the avalanche effect — a core property of secure hash functions. Even adding a space or changing case produces a completely different digest.

Is MD5 still safe to use?

MD5 is broken for security purposes (collision attacks exist). It is still used for non-security checksums like file download verification, but use SHA-256 for anything security-related.

Which hash algorithm should I use for passwords?

Do not use plain SHA-256 or MD5 for passwords. Use dedicated password hashing algorithms like bcrypt, Argon2, or PBKDF2 that include salting and configurable work factors.

Is my text sent to a server when I generate a hash?

No. All hashing runs locally in your browser using the Web Crypto API (for SHA family) or in-page JavaScript (for MD5). Your text never leaves your device. You can verify zero network calls in DevTools → Network.

Will the hash here match what Node.js / Python / OpenSSL produces?

Yes — exactly. The output is standard lowercase hexadecimal. SHA-256('hello') = 2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824 — identical in this tool, in `openssl dgst -sha256`, in Node.js `crypto.createHash('sha256').update('hello').digest('hex')`, and in Python `hashlib.sha256(b'hello').hexdigest()`.

Why are my hashes different when I add a newline at the end?

Because a newline is part of the input. SHA-256('hello') and SHA-256('hello\n') are completely different. This trips up developers who compare a hash from `echo hello | sha256sum` (which adds a trailing newline) with a hash from a string literal in code. Use `echo -n hello | sha256sum` or `printf hello | sha256sum` to exclude the newline.

Can I hash a file with this tool?

This tool hashes text input. For file hashing, use `sha256sum file.iso` on Linux/Mac, `Get-FileHash file.iso` in PowerShell, or `certutil -hashfile file.iso SHA256` on Windows. The output is the same hex digest format — you can paste it here in compare-mode to verify integrity.

How long is a SHA-256 hash?

SHA-256 produces a 256-bit digest, which is 32 bytes, displayed as 64 hexadecimal characters (since each hex char = 4 bits). Other lengths: MD5 = 32 hex chars, SHA-1 = 40 chars, SHA-384 = 96 chars, SHA-512 = 128 chars. If your hash isn't exactly one of these lengths, something is wrong (encoding mismatch, truncation, or wrong algorithm).