Does the file upload hash the file content?

Yes, the raw file bytes are hashed — identical to sha256sum on the command line. Filename and metadata are not included.

MD5 & SHA Hash Generator — Free Online Hash Calculator

What Is a Hash Function?

A cryptographic hash function takes an input of any length and produces a fixed-size output — called a hash, digest, or checksum. Hash functions are one-way: you cannot reverse-engineer the original input from the hash. Even the smallest change to the input (a single character, a single bit) produces a completely different hash — this property is called the avalanche effect.

Hash functions are fundamental to computer science and security: verifying file integrity, storing passwords, digital signatures, blockchain, deduplication, and more all rely on them.

MD5, SHA-1, SHA-256, SHA-384, SHA-512 — Which Should You Use?

Not all hash algorithms are equal. Here is the practical guide:

MD5 (128-bit / 32 hex chars) — Fast, universally supported, but cryptographically broken: collision attacks are practical. Use only for non-security purposes such as checksums, cache keys, and deduplication where collision resistance is not required. Never use for passwords or signatures.

SHA-1 (160-bit / 40 hex chars) — Deprecated for security use since 2017. Collision attacks are practical (SHAttered). Still seen in legacy git commits and older SSL certificates. Avoid for new applications.

SHA-256 (256-bit / 64 hex chars) — The current standard. Part of the SHA-2 family, collision-resistant, widely supported. Use for file integrity, HMAC, JWT signatures, TLS certificates, and most security applications.

SHA-384 (384-bit / 96 hex chars) — Stronger SHA-2 variant. Used in TLS 1.3 cipher suites and when regulatory requirements mandate 384-bit security. Slightly slower than SHA-256.

SHA-512 (512-bit / 128 hex chars) — Maximum SHA-2 strength. Useful for high-security environments; actually faster than SHA-256 on 64-bit hardware due to larger block size.

Common Uses for Online Hash Generation

File integrity verification — After downloading software, compare the SHA-256 hash published by the vendor against the hash of your downloaded file. A match confirms the file was not corrupted or tampered with.

Password hashing concept — Understand how password hashing works (though production systems must use bcrypt, Argon2, or PBKDF2 with a salt — never raw SHA-256).

API signatures — Many APIs use HMAC-SHA256 to sign requests. Verify your payload hash matches the expected signature.

Deduplication — Hash files or records to detect duplicates without comparing byte-by-byte.

Data fingerprinting — Identify a specific version of a document or dataset by its hash, without storing the full content.

Debugging — Quickly verify whether two strings or files are identical by comparing their hashes.

How Hashing Works in Your Browser

This tool computes hashes entirely client-side. SHA-1, SHA-256, SHA-384, and SHA-512 are computed using the browser's native Web Cryptography API (crypto.subtle.digest), implemented in optimized native code. MD5 is computed using a pure JavaScript implementation of the RFC 1321 algorithm — necessary because MD5 is not included in the Web Crypto API due to its broken security properties. Both run entirely in your browser; no data is uploaded to any server.

Examples

Verify a file download

After downloading a file, upload it here and compare the SHA-256 hash with the checksum published on the vendor's website. A mismatch means the file is corrupted or tampered.

SHA-256 with curl + openssl

echo -n "hello world" | openssl dgst -sha256
# or
sha256sum myfile.zip

MD5 checksum

# Linux/macOS
md5sum myfile.iso

# macOS
md5 myfile.iso

# Windows PowerShell
Get-FileHash myfile.iso -Algorithm MD5

Hash in Node.js

const crypto = require('crypto');
const hash = crypto
  .createHash('sha256')
  .update('hello world')
  .digest('hex');
console.log(hash);

MD5, SHA-1, SHA-256: pick the right tool, not the strongest one

Editor’s note — by Amine H., last reviewed 27 May 2026.

There are three honest reasons to hash something: (1) compare two large files quickly for accidental corruption, (2) build a fingerprint for caching, deduplication or content addressing, (3) cryptographic security. Each reason has a different right answer. “Always use the strongest available” is wrong advice — it conflates these use cases and uses general-purpose hashes for passwords, where they are catastrophically inappropriate.

MD5 — broken for security, fine for the rest

Collision attacks against MD5 have been practical since 2004 (Wang et al.). Two PDFs with the same MD5 but different content can be produced in minutes on a laptop. For anything where an adversary could substitute one file for another, MD5 is dead. For accidental corruption detection, deduplication, cache keys, or fingerprinting in non-adversarial contexts, MD5 is perfectly fine and faster than any of the SHA family.

SHA-1 — broken for security in 2017, still in Git

The SHAttered attack (2017) produced the first practical SHA-1 collision (two distinct PDFs with identical SHA-1). NIST deprecated SHA-1 in 2011 and it is removed from TLS certificates since 2017. Git still uses SHA-1 internally for object addressing because the threat model is accidental collision, not adversarial collision (and Git is migrating to SHA-256 anyway). Outside of that specific tolerance, treat SHA-1 like MD5: not for security.

SHA-256 — the 2026 baseline

Part of the SHA-2 family (NIST FIPS 180-4). No known practical attack. Used for code signing, TLS certificate signatures, Bitcoin proof-of-work, content-addressed storage (Git’s new format, IPFS, OCI container images). The default choice when you actually need cryptographic security.

SHA-512 — counterintuitively faster on 64-bit CPUs

Same security family as SHA-256, no security advantage in practice. On 64-bit hardware, SHA-512 is often faster than SHA-256 because the inner operations are natively 64-bit. Truncated SHA-512/256 (SHA-512 result truncated to 256 bits) is a standard variant with the speed of SHA-512 and the digest size of SHA-256.

Length-extension — why HMAC exists

Plain SHA-256 is vulnerable to length-extension attacks: if you sign a message as secret || message and publish the hash, an attacker who does not know secret can still compute valid hashes for secret || message || suffix for any chosen suffix. Use HMAC-SHA256 (which the HMAC Generator on this site builds) for any signature use case. SHA-3 (Keccak) is not vulnerable to length-extension and is a clean alternative.

Password hashing — none of these

MD5, SHA-1, SHA-256, SHA-512 are all designed to be fast. For password storage you want the opposite: deliberately slow, with a tunable cost factor, salted, and ideally memory-hard. That is bcrypt, scrypt or Argon2 — not anything in the general-purpose hash family. OWASP password-storage guidance recommends Argon2id as of 2026.

Takeaway: Choose the hash by threat model, not by perceived strength. Accidental corruption → MD5 (fast, free, fine). Cache key, dedup, file fingerprint → MD5 or SHA-1 (fast, collisions by accident only). Cryptographic integrity, code signing, content addressing → SHA-256+. Signing where an adversary controls part of the input → HMAC. Password storage → Argon2/bcrypt/scrypt, never anything on this page. The generator above gives you all five in parallel because the right one depends on what you are doing with the output.

Sources: NIST hash functions (FIPS 180-4) · RFC 6151 (MD5 deprecation for security) · SHAttered — first practical SHA-1 collision · OWASP password storage cheatsheet.

Frequently Asked Questions

Can I reverse a hash to get the original text?

Why does a single character change produce a completely different hash?

What is a hash collision?

Is MD5 safe to use in 2025?

Does this tool hash the file itself or its content?

What is the difference between a hash and HMAC?

Why does the tool show uppercase and lowercase options?

Does this tool send my data to a server?

MD5 & SHA Hash Generator