Hash Generator

Generate SHA-256, SHA-1 and MD5 hashes of any text, computed locally in your browser.

SHA-256
7af4de4587e20a7bc3b6bcd45ffd8826c680159a9ba64c04dcd91a6dd02f4869
SHA-1
54f61828b624e720ad723b9c25a122e5b18906da
MD5
65f6ac97136453f598969578d21ffacf

A hash is a fixed-length fingerprint of any input - the same text always produces the same hash, and even a single character change scrambles every digit. That determinism makes hashes useful for checksums (verify a download did not corrupt), deduplication (store one copy of a file, recognize it by its hash), and cache keys (same input, same cached result). Hashing is not encryption - the text cannot be recovered from the hash, only verified against it. MD5 and SHA-1 are cryptographically broken and belong only in legacy systems and integrity checks; SHA-256 is the modern choice and the one you should reach for. All of this math executes locally, on your device — nothing you type is transmitted anywhere.

Examples

The string "abc" always produces the same SHA-256 hash: ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad. Hash the same text tomorrow, next week, or on a different computer and the result is identical. That is why hashes are reliable checksums.

Change one letter - type "abd" instead of "abc" - and every character of the hash shifts. This avalanche effect means that a tiny difference in input produces a completely different hash, so even one-bit changes are detectable.

FAQ

Can I decrypt a hash back to the original text?

No. Hashing is one-way: the algorithm destroys information on purpose, so there is no mathematical way to reverse it. If you need to recover the original text later, hashing is not the right tool - use encryption instead (which can be decrypted with the correct key).

Why do websites store password hashes instead of passwords?

If a database breach happens, an attacker who steals password hashes cannot use them directly to log in because the login system compares the password you type (hashed) against the stored hash - it never stores or transmits the plain password. Modern systems go further and use salted, slow hashes (like bcrypt or argon2) to make brute-force guessing prohibitively expensive.

Is MD5 still safe to use?

For integrity checks (verifying a file download did not corrupt) or non-security purposes, MD5 is fine - it is fast and useful. For anything security-sensitive (passwords, authentication, certificates), MD5 is broken and unsafe; attackers can generate collisions (different inputs with the same hash). SHA-256 is the standard choice for security.

How is hashing different from a password or UUID generator?

Hashing is deterministic - the same input always produces the same output, so it is used to verify identity or consistency. Generators create new random values each time, so they are for unique IDs and passwords. Hash the same string twice and get the same result; generate a password twice and get two different values.