Hash Generator
Generate MD5, SHA-1, SHA-256, and SHA-512 hashes from text directly in your browser.
091c8dcba9ab6ba8de38b838ff995d90Generating...Generating...Generating...What text hashes are for
Hashes are compact fingerprints for exact text. They are useful when you need to compare whether two snippets, exported files, or copied configuration values are byte-for-byte the same after normalisation.
Do not use unsalted hashes as password storage. MD5 and SHA-1 are included for compatibility with older checks, while SHA-256 and SHA-512 are better choices for modern integrity fingerprints.
About the Hash generator
A hash function turns any input, of any length, into a fixed-size fingerprint that changes completely if even one character of the input changes. This tool computes four of them side by side, live as you type: MD5, SHA-1, SHA-256, and SHA-512. Paste a string and you immediately see all four hex digests, which is handy for verifying a checksum, comparing two values, or generating a stable key from some text.
Use it to confirm that a download matches a published checksum, to spot whether two pieces of text are identical without reading them, or to learn how a tiny input change cascades into a totally different digest. The SHA family is computed with your browser's built-in Web Crypto engine; MD5 is computed in JavaScript since browsers no longer expose it natively.
How to use it
- Type or paste your text into the input box.
- Watch all four digests (MD5, SHA-1, SHA-256, SHA-512) recompute instantly as the input changes.
- Compare a digest against a checksum you were given by eye, or copy it for an exact match.
- Click Copy on any row to put that one hash on your clipboard.
- Change a single character to see how completely the output shifts, which demonstrates the avalanche effect.
Examples
Verify a download checksum
A project publishes a SHA-256 for its release file. Paste the same content here, read the SHA-256 row, and compare it character by character against the published value. If they match the file is intact and unmodified; if even two characters differ, the content is not the same.
See the avalanche effect
Hash 'hello', then hash 'Hello'. A single capital letter produces an entirely different SHA-256 with no resemblance to the first. This is by design: a good hash spreads any input change across the whole output, so you cannot infer how close two inputs are from their digests.
Compare two strings safely
Note the SHA-512 of one block of text, then of a second you suspect is identical. Matching 128-character hex strings mean the inputs are the same, which is faster and less error-prone than scanning two walls of text line by line.
Frequently asked questions
- Which algorithms does this tool offer?
- Four: MD5 (128-bit), SHA-1 (160-bit), SHA-256 (256-bit), and SHA-512 (512-bit). The SHA digests come from the browser's Web Crypto API, while MD5 is implemented in JavaScript because modern browsers do not provide it natively.
- Should I use MD5 or SHA-1 for security?
- No. MD5 and SHA-1 are both broken for security purposes: practical collision attacks exist, so they must not be used for signatures, certificates, or password storage. They remain fine as fast non-security checksums. For integrity that matters, use SHA-256 or SHA-512.
- Can I get the original text back from a hash?
- No. Hashing is one-way by design, so there is no decode. The only way to 'reverse' a hash is to guess inputs and hash them until one matches, which is why short or common strings are weak and why password hashing needs salting and slow algorithms.
- Is this suitable for hashing passwords?
- Not on its own. Raw MD5, SHA-1, and even SHA-256 are too fast and unsalted for password storage. Real password hashing uses a deliberately slow, salted algorithm such as bcrypt, scrypt, or Argon2. Use this tool for checksums and comparisons, not credential storage.
- Why might my hash differ from another tool's?
- Almost always because of input differences: a trailing newline, different whitespace, or a different text encoding. This tool hashes the UTF-8 bytes of exactly what is in the box, so a stray space or line ending changes every digit of the result.
Good to know
Hashes underpin a lot of everyday tooling: Git names every commit and file by its SHA, package managers verify downloads against a published digest, and content-addressed storage uses the hash as the key. The defining property is determinism plus the avalanche effect: the same input always yields the same digest, and any change scrambles the whole thing.
Match the algorithm to the job. For pure integrity checks where nobody is trying to cheat, any of the four works and MD5 is fastest. The moment an adversary could craft a malicious file to collide with a good one, MD5 and SHA-1 are unsafe and you need SHA-256 or stronger. For passwords, none of these bare hashes is appropriate. And remember a hash only proves two inputs are the same; a mismatch tells you they differ, not where, so use a diff tool to locate the actual change.