What's the difference between MD5, SHA-1, SHA-256, and SHA-512?

MD5 (1991): 128-bit output, FAST, BROKEN for security since 2004 (collisions found). Use only for non-security checksums. SHA-1 (1995): 160-bit output, FAST, also BROKEN (Google announced practical collision in 2017). Microsoft, Google, Mozilla all deprecated SHA-1. SHA-256 (2001): 256-bit output, secure as of 2026, used in Bitcoin and SSL/TLS certificates. SHA-512 (2001): 512-bit output, more secure than SHA-256 in theory, slightly faster on 64-bit systems. For security: use SHA-256 or SHA-512. For speed only (non-security checksums): MD5 is fastest.

Why shouldn't I use these to hash passwords?

MD5, SHA-1, and SHA-256 are designed to be FAST. For password storage, you want SLOW — making brute-force attacks expensive. Modern attackers can compute 100+ billion MD5 hashes per second on a single GPU; cracking an 8-character password takes minutes. Password hashing functions (bcrypt, scrypt, Argon2) are intentionally slow (typically 100ms per hash) and include built-in salting (random values added to prevent rainbow-table attacks). Always use bcrypt/scrypt/Argon2 for passwords. SHA-256 is fine for file integrity, blockchain, digital signatures.

What is hash collision and why does it matter?

A hash collision occurs when two different inputs produce the same hash output. By the 'pigeonhole principle,' collisions are mathematically inevitable for any hash function (input space is infinite, output space is finite). The question is how HARD it is to find one. MD5: trivially easy in 2026 (seconds on a laptop). SHA-1: practical attacks demonstrated. SHA-256: no known practical attacks; would require ~2^128 operations on average (more than the universe's energy budget could fund). For digital signatures, file integrity, and blockchain, hash strength matters enormously.

How do I verify a file's integrity with a hash?

Workflow: (1) Source publishes the SHA-256 hash of a file (e.g., on a downloads page or in a release note). (2) Download the file. (3) Compute SHA-256 of your downloaded file (this tool, or 'shasum -a 256 file.tar.gz' on Mac/Linux, 'Get-FileHash file.exe -Algorithm SHA256' on Windows). (4) Compare your hash to the published one. Match = file is intact. Mismatch = corrupted or tampered. Common practice for: Linux ISO downloads (Ubuntu, Debian), open-source software releases, package managers (npm, pip can verify integrity hashes).

Can I reverse a hash to find the original input?

Theoretically no — hash functions are designed to be one-way. In practice, common short inputs CAN be looked up via 'rainbow tables' — pre-computed databases of common-input → hash mappings. Sites like crackstation.net have rainbow tables for billions of common passwords. SALTED hashes (input + random per-record salt) defeat rainbow tables since each record has a different salt. For passwords, always salt + use slow KDF. For non-secret data, hashes are effectively reversible if the input is in any rainbow-table corpus.

What's HMAC and when do I need it?

HMAC (Hash-based Message Authentication Code) combines a hash with a secret key to authenticate messages. Used in: API request signing (AWS, Stripe), JSON Web Tokens (JWT), webhook verification (validating that GitHub/Stripe/Slack sent a webhook). Format: HMAC-SHA256(key, message). Without HMAC, a hash by itself doesn't prove who created it. With HMAC, only someone with the secret key can produce a valid hash for a given message. This tool generates plain hashes; for HMAC, use a dedicated HMAC tool or library (Node crypto.createHmac, Python hmac module).

Developer Utilities · Free tool

Hash Generator

Create MD5, SHA-1, SHA-256, and SHA-512 hashes from any text or file directly in your browser. Your data never leaves your computer with this free, instant tool.

Updated June 2026

Input text

MD5

SHA-1

SHA-256

SHA-512

Found this useful?Email Buy Me a Coffee

What it does

Generate MD5, SHA-1, SHA-256, and SHA-512 hashes from any text — all four at once, computed locally, nothing sent anywhere. Useful for verifying a file-integrity checksum, building a fingerprint for deduplication, or testing a hashing pipeline during development.

One thing worth being clear about: do not use MD5 or SHA-1 for storing passwords. Both are broken for that purpose — too fast, well-rainbowed, and missing a salt. For password storage use a proper password-hashing function (bcrypt, scrypt, Argon2). See How to hash passwords for the full explanation, and Password Breach Checker if you want to check whether your password has leaked.

Embed this tool on your siteShow snippet

Paste this snippet into any page. Loads on-demand (lazy), no tracking scripts, and sized to most dashboards. Replace the height to fit your layout.

<iframe src="https://freetoolarena.com/embed/hash-generator" width="100%" height="720" frameborder="0" loading="lazy" title="Hash Generator" style="border:1px solid #e2e8f0;border-radius:12px;max-width:720px;"></iframe>

Embed docs →

How to use it

Type or paste your input into the textarea.
All four hashes update as you type.
Use the Copy button next to any hash.
Clear the input when done — nothing is remembered.

When to use this tool

Verifying a downloaded file’s integrity against a published checksum.
Generating fingerprints for deduplication of strings or content.
Testing a hashing pipeline during development.
Comparing two strings to see if they’re identical without revealing them.

When not to use it

Password storage — use bcrypt, scrypt, or Argon2 instead.
Sensitive data integrity in production — use HMAC for authenticated hashing.
MD5 or SHA-1 for any security purpose — both are broken; use SHA-256 or SHA-512.

Common use cases

Verifying SHA-256 of an Ubuntu ISO download matches the published value before installing.
Generating MD5 fingerprints to detect duplicate user-uploaded photos in a database.
Checking if a Bitcoin transaction’s SHA-256 hash matches the chain.
Testing whether two large text files are identical by comparing SHA-256 hashes.

Frequently asked questions

What's the difference between MD5, SHA-1, SHA-256, and SHA-512?: MD5 (1991): 128-bit output, FAST, BROKEN for security since 2004 (collisions found). Use only for non-security checksums. SHA-1 (1995): 160-bit output, FAST, also BROKEN (Google announced practical collision in 2017). Microsoft, Google, Mozilla all deprecated SHA-1. SHA-256 (2001): 256-bit output, secure as of 2026, used in Bitcoin and SSL/TLS certificates. SHA-512 (2001): 512-bit output, more secure than SHA-256 in theory, slightly faster on 64-bit systems. For security: use SHA-256 or SHA-512. For speed only (non-security checksums): MD5 is fastest.
Why shouldn't I use these to hash passwords?: MD5, SHA-1, and SHA-256 are designed to be FAST. For password storage, you want SLOW — making brute-force attacks expensive. Modern attackers can compute 100+ billion MD5 hashes per second on a single GPU; cracking an 8-character password takes minutes. Password hashing functions (bcrypt, scrypt, Argon2) are intentionally slow (typically 100ms per hash) and include built-in salting (random values added to prevent rainbow-table attacks). Always use bcrypt/scrypt/Argon2 for passwords. SHA-256 is fine for file integrity, blockchain, digital signatures.
What is hash collision and why does it matter?: A hash collision occurs when two different inputs produce the same hash output. By the 'pigeonhole principle,' collisions are mathematically inevitable for any hash function (input space is infinite, output space is finite). The question is how HARD it is to find one. MD5: trivially easy in 2026 (seconds on a laptop). SHA-1: practical attacks demonstrated. SHA-256: no known practical attacks; would require ~2^128 operations on average (more than the universe's energy budget could fund). For digital signatures, file integrity, and blockchain, hash strength matters enormously.
How do I verify a file's integrity with a hash?: Workflow: (1) Source publishes the SHA-256 hash of a file (e.g., on a downloads page or in a release note). (2) Download the file. (3) Compute SHA-256 of your downloaded file (this tool, or 'shasum -a 256 file.tar.gz' on Mac/Linux, 'Get-FileHash file.exe -Algorithm SHA256' on Windows). (4) Compare your hash to the published one. Match = file is intact. Mismatch = corrupted or tampered. Common practice for: Linux ISO downloads (Ubuntu, Debian), open-source software releases, package managers (npm, pip can verify integrity hashes).
Can I reverse a hash to find the original input?: Theoretically no — hash functions are designed to be one-way. In practice, common short inputs CAN be looked up via 'rainbow tables' — pre-computed databases of common-input → hash mappings. Sites like crackstation.net have rainbow tables for billions of common passwords. SALTED hashes (input + random per-record salt) defeat rainbow tables since each record has a different salt. For passwords, always salt + use slow KDF. For non-secret data, hashes are effectively reversible if the input is in any rainbow-table corpus.
What's HMAC and when do I need it?: HMAC (Hash-based Message Authentication Code) combines a hash with a secret key to authenticate messages. Used in: API request signing (AWS, Stripe), JSON Web Tokens (JWT), webhook verification (validating that GitHub/Stripe/Slack sent a webhook). Format: HMAC-SHA256(key, message). Without HMAC, a hash by itself doesn't prove who created it. With HMAC, only someone with the secret key can produce a valid hash for a given message. This tool generates plain hashes; for HMAC, use a dedicated HMAC tool or library (Node crypto.createHmac, Python hmac module).

See how this compares

Head-to-headBase64 vs Hex encodingBase64 vs Hex encoding compared: size overhead, readability, URL safety, and typical use cases. Free Base64 encoder/decoder included.

Learn more

Explore more developer utilities tools

100% in-browserNo downloadsNo sign-upMalware-freeHow we keep this safe →