esc

Hash Generator

Generate MD5, SHA-1, SHA-256, SHA-384, SHA-512 and HMAC hashes for text or files locally in your browser.

Plain text 0 B
Digests
Verify
MD5 128-bit
SHA-1 160-bit
SHA-256 256-bit
SHA-384 384-bit
SHA-512 512-bit
Hashed Text in Hex
Guide

What a hash is — and what it isn't

A cryptographic hash maps any input — a word, a paragraph, or a file — to a fixed-length fingerprint. This hash generator computes MD5, SHA-1, SHA-256, SHA-384 and SHA-512 digests for text and files, with optional HMAC for keyed message authentication. The same input always yields the same digest, while the smallest change produces a completely different one. Hashes are one-way : you can't reverse a digest back into the original data, which makes them ideal for verifying integrity, deduplicating content, and indexing.

Hashing is not encryption and not a password store on its own. MD5 and SHA-1 are broken for security use — collisions are practical — so treat them as checksums only, never for signatures or passwords. Prefer SHA-256 or stronger for integrity checks that matter. For passwords, use a dedicated password hashing function such as Argon2, bcrypt or scrypt rather than a plain SHA hash. To authenticate a message with a shared secret, switch on HMAC and supply a key. Everything here runs locally; the text, files and keys you enter never leave your machine.

FAQ

Frequently asked questions

Is my data uploaded anywhere?

No. SHA-1, SHA-256, SHA-384 and SHA-512 are computed with the browser Web Crypto engine, and MD5 runs in a bundled routine. Text, files and HMAC keys stay in your browser.

Can I reverse a hash back to the original text?

No. Hashing is one-way. So-called hash decrypters are lookup tables of precomputed common inputs, not true reversal. Use encoding or encryption if you need reversible conversion.

Should I still use MD5 or SHA-1?

Use MD5 or SHA-1 only for legacy checksums or non-security comparisons. Both are broken for collision resistance. Use SHA-256 or stronger for integrity checks where attackers matter.

Is SHA-256 enough for password storage?

No. A plain hash is not enough for password storage. Use a password hashing function such as Argon2, bcrypt or scrypt with salts and an appropriate work factor.

What does HMAC add?

HMAC mixes a secret key into the hash so only someone with the same key can reproduce the digest. It is useful for webhook signatures and message authentication.