Hash Generator

Hash Algorithms Compared

• MD5 - Produces a 128-bit (32 character) hash. It's fast but cryptographically broken since 2004. Researchers can generate collisions (two different inputs with the same hash) in seconds. Still fine for non-security stuff like cache keys or quick checksums.
• SHA-1 - Produces a 160-bit (40 character) hash. Google demonstrated a practical SHA-1 collision in 2017 (the SHAttered attack). Major browsers stopped trusting SHA-1 SSL certificates back in 2017. Don't use it for anything security-related.
• SHA-256 - Produces a 256-bit (64 character) hash. This is the current workhorse. Bitcoin uses it. SSL/TLS certificates use it. Git uses it in newer versions. No known practical attacks exist against SHA-256.
• SHA-512 - Produces a 512-bit (128 character) hash. Stronger than SHA-256 with longer output. Actually runs faster than SHA-256 on 64-bit processors. Used when you need the highest level of integrity checking.

Hashing vs. Encryption

People mix these up all the time. Hashing is one-way. You can't reverse a hash to get back the original text. That's by design. Encryption is two-way. You encrypt data with a key and decrypt it with the same key (or a related key). Use hashes for integrity checks. For passwords, use a purpose-built password hashing method. Use encryption when you need to get the original data back.

The Avalanche Effect

Change a single character in your input and the hash output changes completely. Try it. Hash "hello" and then hash "Hello" (capital H). The two hashes will look nothing alike. This property makes hashes great for detecting even tiny changes in data.

Don't Use These for Passwords

MD5 and SHA-256 are too fast for password hashing. An attacker with a modern GPU can try billions of SHA-256 hashes per second. For passwords, use purpose-built algorithms like bcrypt, scrypt or Argon2id. These are intentionally slow and include built-in salt handling.