Cryptographic Hash Functions Explained: SHA-256, MD5 & More
Understanding hash functions, their properties, and when to use different algorithms.
basicscryptographysecurity
Read article
Hash Generator (SHA)
GeneratorsGenerate SHA-1, SHA-256, SHA-384, SHA-512 hashes
About SHA Hashing
SHA (Secure Hash Algorithm) produces a fixed-size hash value from input text. SHA-256 is commonly used for security applications.
Learn More About Hash Generator (SHA)
2 articles to help you understand and use this tool effectively
Hash Generator (SHA) FAQ
Common questions about using the Hash Generator (SHA) tool
A hash function takes input of any size and produces a fixed-size output (digest). Properties: deterministic (same input = same output), one-way (can't reverse), collision-resistant (hard to find two inputs with same hash), and avalanche effect (small change = completely different hash).
MD5 (128-bit) and SHA-1 (160-bit) are broken - collisions have been found. SHA-256 (256-bit) remains secure. Use SHA-256 or SHA-3 for security-critical applications. MD5/SHA-1 are only acceptable for non-security checksums.
To generate a hash: 1) Enter your text in the input field, 2) Select SHA-256 from the algorithm options, 3) The hash generates instantly, 4) Copy the hexadecimal result. In JavaScript, use the Web Crypto API: crypto.subtle.digest('SHA-256', data).
No, hash functions are one-way by design. You cannot mathematically reverse a hash. Attackers use rainbow tables (precomputed hashes) or brute force to guess inputs. This is why salting is important for password hashing.
Not regular hashing. Use password-specific algorithms: bcrypt, Argon2, or PBKDF2. These are intentionally slow and include salting. Regular SHA-256 is too fast - attackers can try billions of guesses per second. bcrypt/Argon2 limit attempts.
A salt is random data added to input before hashing. It ensures identical inputs produce different hashes, defeating rainbow table attacks. Each password should have a unique salt, stored alongside the hash. Password algorithms like bcrypt handle salting automatically.
Hashing is one-way - you cannot recover the original data. Encryption is two-way - data can be decrypted with the key. Use hashing for data integrity and passwords; use encryption when you need to retrieve the original data.
For security: SHA-256 or SHA-3. For passwords: Argon2id or bcrypt. For checksums: SHA-256 or BLAKE3. For hash tables (non-crypto): MurmurHash or xxHash. Never use MD5 or SHA-1 for security purposes.
Generate a hash of the file, then compare with the expected hash. If they match, the file is intact. Many downloads provide SHA-256 checksums. Use: shasum -a 256 filename (Unix) or Get-FileHash (PowerShell) to verify.
HMAC (Hash-based Message Authentication Code) combines a hash function with a secret key. It verifies both data integrity AND authenticity. Unlike plain hashing, HMAC proves the sender knew the secret key. Used in JWT signatures, API authentication, and secure cookies.