Skip to content

Hash Generator

In-browser only Web Crypto API MD5 · SHA-1 / 256 / 384 / 512
0 characters · 0 bytes
Output format
Hashes
MD5Not for security
Enter text or pick a file to see hashes.
SHA-1Not for security
Enter text or pick a file to see hashes.
SHA-256
Enter text or pick a file to see hashes.
SHA-384
Enter text or pick a file to see hashes.
SHA-512
Enter text or pick a file to see hashes.
Related tools View all

Overview

Hash text or files with MD5, SHA-1 and SHA-2 in your browser

Compute MD5, SHA-1, SHA-256, SHA-384 and SHA-512 hashes from text or a file — all five at once. Verify a download against a published checksum, and copy any digest in hex or Base64. Runs entirely in your browser; nothing is uploaded.

  • MD5, SHA-1, SHA-256, SHA-384, SHA-512 at once
  • Text and file input modes
  • Streaming file hashing — no size limit
  • One-click checksum verification
  • Hex or Base64 output
  • Runs entirely in your browser
  • All hashing runs entirely in your browser — nothing is transmitted
  • Uses the Web Crypto API with a client-side MD5 fallback
  • Your text and files never leave your device
  • No account, no login, and no data retention of any kind
  • Closing the tab discards all input and computed digests
  • Verify a download against its published checksum
  • Detect accidental file corruption after a transfer
  • Generate a content fingerprint to spot duplicate files
  • Confirm two files are byte-for-byte identical
  • Produce a checksum to publish alongside a release

Guide

How to Use

  1. 1
    Choose an input type

    Use the Text tab to hash typed or pasted text, or the File tab to drag in a file. All five algorithms are computed together.

  2. 2
    Read the hashes

    MD5, SHA-1, SHA-256, SHA-384 and SHA-512 digests appear side by side and update as you type. MD5 and SHA-1 carry a "not for security" badge.

  3. 3
    Pick an output format

    Switch between lowercase hex, uppercase hex, and Base64. The format applies to every digest and to the verify check.

  4. 4
    Copy a digest

    Click Copy on any row to put that digest on your clipboard in the selected format.

  5. 5
    Verify a checksum

    Paste an expected checksum into the verify field. A green match badge highlights the algorithm it matches, so you can confirm a download is intact.

Reference

Hash Algorithms Compared

Hash Algorithms Compared
AlgorithmDigest sizeStatusBest for
MD5128-bitBrokenCasual integrity checks only
SHA-1160-bitBrokenLegacy compatibility only
SHA-256256-bitSecureGeneral-purpose integrity & signing
SHA-384384-bitSecureTruncated SHA-512, certificates
SHA-512512-bitSecureHigh-assurance integrity

Pitfalls

Common Mistakes

  • Forgetting the trailing newline

    Typing "hello" here hashes 5 bytes, but echo "hello" on a terminal hashes 6 — it appends a newline. Use printf '%s' to get a matching digest.

  • Trusting MD5 or SHA-1 against an attacker

    Both have practical collision attacks. They are fine for spotting accidental corruption, but never use them to prove a file has not been tampered with. Use SHA-256 or stronger.

  • Hashing passwords with these algorithms

    MD5, SHA-1 and SHA-2 are far too fast for password storage — an attacker can try billions of guesses per second. Use bcrypt, scrypt, or Argon2 instead.

  • Comparing digests in different formats

    A hex digest and a Base64 digest of the same data look completely different. Match the output format to the checksum you are verifying, or let the verify field normalise it for you.

Frequently Asked Questions

What is a hash and what is it used for?
A cryptographic hash is a fixed-length fingerprint of arbitrary data. It is used to verify file integrity, detect duplicates, build unique identifiers, and check that data has not changed. Even a one-byte change in the input produces a completely different hash.
What is the difference between MD5, SHA-1, SHA-256 and SHA-512?
They differ in digest length and security. MD5 (128-bit) and SHA-1 (160-bit) are fast but have practical collision attacks — fine for non-security checksums only. SHA-256 (256-bit) and SHA-512 (512-bit) are part of the SHA-2 family and are trusted for security-critical use. SHA-384 is a truncated variant of SHA-512.
Is MD5 still safe to use?
Only for spotting accidental corruption, such as confirming a file transfer completed. MD5 is cryptographically broken — collisions can be manufactured — so never use it to prove authenticity against an attacker, and never use it for passwords.
Why is my hash different from sha256sum on the command line?
The most common cause is a trailing newline: echo "text" appends a newline, while this tool hashes exactly what you type. Use printf '%s' "text" | sha256sum to get matching results.
Does this tool upload my file or text anywhere?
No. All hashing happens in your browser using the Web Crypto API and a client-side hashing library. Your input never leaves your device — you can open the browser Network tab and see zero requests carrying your data.
How do I verify a downloaded file’s checksum?
Switch to the File tab, drop in the downloaded file, then paste the checksum from the download page into the verify field. A green match badge appears on the matching algorithm. This works for MD5, SHA-1, SHA-256, SHA-384 and SHA-512 checksums.
Can I hash a very large file in the browser?
Yes. The file is streamed in small chunks and each chunk is fed to all five algorithms in a single pass, so the whole file is never held in memory. There is no hard size limit — your browser’s available memory is the only constraint.
Can I use this tool offline?
Yes. Once the page has loaded, text hashing, file hashing, and copying all work with no network connection.