Hash Generator
Generate MD5, SHA-1, SHA-256, SHA-384, and SHA-512 hashes instantly. View output in lowercase hex, uppercase hex, or Base64. All processing runs locally in your browser — nothing is stored or transmitted.
Click hash to copy
🔒 All processing happens locally in your browser — nothing is stored or sent to any server.
All processing happens locally in your browser — nothing is stored or sent to any server.
How to Use This Hash Generator
- Enter text in the input area — or click Load sample to try it out.
- Choose an algorithm: MD5, SHA-1, SHA-256, SHA-384, or SHA-512. SHA-256 is the recommended default.
- Click Generate Hash (or press Ctrl+Enter) — the hash computes instantly.
- Choose a format: lowercase hex (default), uppercase hex, or Base64. Click the hash output itself to copy it.
About Hash Functions
A cryptographic hash function takes any input — a single character or an entire file — and produces a fixed-length "digest" (also called a hash or checksum). The same input always produces the same output. Hash functions are designed to be one-way: given a hash, it should be computationally infeasible to recover the original input.
Hashes are used everywhere in software: verifying file integrity after download, storing passwords securely (with salting), creating digital signatures, generating commit IDs in Git, and detecting duplicates in databases. This tool supports five common hash algorithms spanning from the legacy MD5 to the modern SHA-2 family.
This tool uses the browser's built-in crypto.subtle.digest API for SHA-family hashes (which never leaves your device) and a pure JavaScript implementation for MD5. No data is ever sent to a server.
Frequently Asked Questions
What is a hash function? ▼
A hash function (also called a hash algorithm) converts any input data into a fixed-length "digest" — a short string of characters. The same input always produces the same output. Hash functions are one-way: you can compute a hash from data, but you cannot reverse a hash back to the original data.
What is MD5 and why is it considered insecure? ▼
MD5 produces a 128-bit hash (32 hex characters). It was widely used for checksums and password storage, but is now considered cryptographically broken because attackers can craft different inputs that produce the same MD5 hash (a collision attack). You should not use MD5 for security purposes — use SHA-256 or SHA-512 instead. MD5 is still fine for non-cryptographic checksums like verifying file integrity.
When should I use SHA-256 vs SHA-512? ▼
SHA-256 produces a 256-bit hash (64 hex characters) and is the most widely used cryptographic hash today. SHA-512 produces a longer 512-bit hash and is faster on 64-bit processors. For most security purposes, SHA-256 is the standard choice. SHA-512 is preferred when you need a longer hash output or are working on systems where its specific performance characteristics are beneficial.
Is my data sent to a server? ▼
No. This tool uses the Web Crypto API (<code>crypto.subtle.digest</code>) for SHA hashes and a pure JavaScript implementation for MD5. All computation happens locally in your browser. Nothing is uploaded, transmitted, or stored. You can even use this tool offline.
What is the difference between hex and Base64 output? ▼
Hex (hexadecimal) represents each byte as two characters from 0-9 and a-f (or A-F). It is the most common format for displaying hashes. Base64 represents the raw binary hash as ASCII characters — it is more compact than hex (33% shorter) but uses less common characters. Both are equivalent ways of representing the same hash value.
Can I hash Unicode text and emoji? ▼
Yes. The tool encodes your input as UTF-8 before hashing, so it handles any Unicode character including emoji, CJK characters, and accented letters correctly. The same text will always produce the same hash regardless of how it is encoded.
What is SHA-1 used for today? ▼
SHA-1 produced a 160-bit hash and was used in TLS certificates, Git commits, and many older systems. It has been considered weak since 2005 and is officially deprecated for most security uses by NIST. Git still uses SHA-1 for commit identifiers (though not for security), and some legacy systems still use it. For new projects, always use SHA-256 or stronger.