Hash Generator
Hash Generator is an online tool that automatically generates hash values for input text. Supports MD5, SHA-1, SHA-256, and SHA-512 algorithms and generates all hash values in real-time.
📝 Input Text
✨ Generated Hash
MD5128-bit
SHA-1160-bit
SHA-256256-bit ⭐ Recommended
SHA-512512-bit
Hash functions convert arbitrary-sized data into fixed-size values. Used for password storage, file integrity verification, etc. SHA-256 is currently the most recommended algorithm.
Features
- Multiple Algorithms: MD5, SHA-1, SHA-256, SHA-512 support
- Real-time Generation: Automatically generates hashes as you type
- One-Click Copy: Click hash value to copy to clipboard
- Clear Display: Each algorithm's hash displayed separately
What are Hash Functions?
Hash functions convert arbitrary-length data into fixed-length values. Key characteristics include:
- Deterministic: Same input always produces same output
- Fast Computation: Quick hash generation
- Avalanche Effect: Small input changes cause large output changes
- One-way: Cannot reverse hash to original data
- Collision Resistance: Different inputs should produce different hashes
Supported Algorithms
MD5 (128-bit)
Message-Digest Algorithm 5
- Output Length: 32 characters (128 bits)
- Status: Cryptographically broken - not recommended for security
- Use Cases: Checksums, non-security applications
- Speed: Very fast
Input: Hello World
MD5: b10a8db164e0754105b7a99be72e3fe5
Security Warning
MD5 is not secure for cryptographic purposes. Collisions can be generated, making it vulnerable to attacks. Use only for non-security applications.
SHA-1 (160-bit)
Secure Hash Algorithm 1
- Output Length: 40 characters (160 bits)
- Status: Deprecated for security applications
- Use Cases: Git commits, legacy systems
- Speed: Fast
Input: Hello World
SHA-1: 0a4d55a8d778e5022fab701977c5d840bbc486d0
Deprecation Notice
SHA-1 is deprecated for security purposes. Collisions have been demonstrated. Use SHA-256 or higher for security applications.
SHA-256 (256-bit)
Secure Hash Algorithm 256
- Output Length: 64 characters (256 bits)
- Status: Secure - currently recommended
- Use Cases: Digital signatures, certificates, blockchain, password hashing
- Speed: Moderate
Input: Hello World
SHA-256: a591a6d40bf420404a011733cfb7b190d62c65bf0bcda32b57b277d9ad9f146e
Recommended
SHA-256 is the recommended algorithm for most security applications. It provides excellent security with good performance.
SHA-512 (512-bit)
Secure Hash Algorithm 512
- Output Length: 128 characters (512 bits)
- Status: Secure - highest security level
- Use Cases: High-security applications, password hashing
- Speed: Slower than SHA-256
Input: Hello World
SHA-512: 2c74fd17edafd80e8447b0d46741ee243b7eb74dd2149a0ab1b9246fb30382f27e853d8585719e0e67cbda0daa8f51671064615d645ae27acb15bfb1447f459b
Collision Resistance Comparison
| Algorithm | Output Bits | Collisions Found | Security Status |
|---|---|---|---|
| MD5 | 128 | Yes | ❌ Broken |
| SHA-1 | 160 | Yes (2017) | ⚠️ Deprecated |
| SHA-256 | 256 | No | ✅ Secure |
| SHA-512 | 512 | No | ✅ Secure |
Use Cases
1. Password Storage
// WRONG: Don't store plain text passwords
const password = 'mypassword123';
// user.password = password; // ❌ Never do this
// BETTER: Hash with salt (use bcrypt in production)
import crypto from 'crypto';
function hashPassword(password, salt) {
return crypto.createHash('sha256')
.update(password + salt)
.digest('hex');
}
const salt = crypto.randomBytes(16).toString('hex');
const hashedPassword = hashPassword('mypassword123', salt);
// Store hashedPassword and salt in database
Caution
For password hashing, use specialized algorithms like bcrypt, Argon2, or PBKDF2 instead of plain SHA-256. These are designed to be slow and resist brute-force attacks.
2. File Integrity Verification
// Generate file hash
async function generateFileHash(file) {
const buffer = await file.arrayBuffer();
const hashBuffer = await crypto.subtle.digest('SHA-256', buffer);
const hashArray = Array.from(new Uint8Array(hashBuffer));
return hashArray.map(b => b.toString(16).padStart(2, '0')).join('');
}
// Verify file integrity
const originalHash = 'a591a6d40bf420404a011733cfb7b190...';
const currentHash = await generateFileHash(downloadedFile);
if (originalHash === currentHash) {
console.log('File is intact');
} else {
console.log('File has been modified or corrupted');
}
3. Data Deduplication
import hashlib
def deduplicate_data(data_list):
"""Remove duplicate data using hash"""
seen_hashes = set()
unique_data = []
for data in data_list:
# Generate hash
hash_value = hashlib.sha256(data.encode()).hexdigest()
if hash_value not in seen_hashes:
seen_hashes.add(hash_value)
unique_data.append(data)
return unique_data
# Example
documents = ['doc1 content', 'doc2 content', 'doc1 content']
unique_docs = deduplicate_data(documents)
# Result: ['doc1 content', 'doc2 content']
4. Cache Keys
// Generate cache key using hash
function getCacheKey(url, params) {
const data = JSON.stringify({ url, params });
return crypto.createHash('sha256')
.update(data)
.digest('hex');
}
// Use as cache key
const cacheKey = getCacheKey('https://api.example.com/users', { page: 1, limit: 20 });
const cachedData = cache.get(cacheKey);
if (cachedData) {
return cachedData;
} else {
const freshData = await fetchData();
cache.set(cacheKey, freshData);
return freshData;
}
Programming Examples
JavaScript (Browser)
async function generateHash(algorithm, text) {
const encoder = new TextEncoder();
const data = encoder.encode(text);
// Use SubtleCrypto API
const hashBuffer = await crypto.subtle.digest(algorithm, data);
const hashArray = Array.from(new Uint8Array(hashBuffer));
const hashHex = hashArray.map(b => b.toString(16).padStart(2, '0')).join('');
return hashHex;
}
// Usage
const text = 'Hello World';
// SHA-256
const sha256 = await generateHash('SHA-256', text);
console.log('SHA-256:', sha256);
// SHA-512
const sha512 = await generateHash('SHA-512', text);
console.log('SHA-512:', sha512);
JavaScript (Node.js)
const crypto = require('crypto');
function generateHash(algorithm, text) {
return crypto.createHash(algorithm)
.update(text)
.digest('hex');
}
// Usage
const text = 'Hello World';
console.log('MD5:', generateHash('md5', text));
console.log('SHA-1:', generateHash('sha1', text));
console.log('SHA-256:', generateHash('sha256', text));
console.log('SHA-512:', generateHash('sha512', text));
Python
import hashlib
def generate_hash(algorithm, text):
"""Generate hash using specified algorithm"""
hash_obj = hashlib.new(algorithm)
hash_obj.update(text.encode('utf-8'))
return hash_obj.hexdigest()
# Usage
text = 'Hello World'
print('MD5:', generate_hash('md5', text))
print('SHA-1:', generate_hash('sha1', text))
print('SHA-256:', generate_hash('sha256', text))
print('SHA-512:', generate_hash('sha512', text))
# Alternative: Direct method calls
print('SHA-256:', hashlib.sha256(text.encode()).hexdigest())
print('SHA-512:', hashlib.sha512(text.encode()).hexdigest())
PHP
<?php
function generateHash($algorithm, $text) {
return hash($algorithm, $text);
}
// Usage
$text = 'Hello World';
echo 'MD5: ' . generateHash('md5', $text) . "\n";
echo 'SHA-1: ' . generateHash('sha1', $text) . "\n";
echo 'SHA-256: ' . generateHash('sha256', $text) . "\n";
echo 'SHA-512: ' . generateHash('sha512', $text) . "\n";
// Alternative: Direct function calls
echo 'MD5: ' . md5($text) . "\n";
echo 'SHA-1: ' . sha1($text) . "\n";
?>
Java
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
public class HashGenerator {
public static String generateHash(String algorithm, String text)
throws NoSuchAlgorithmException {
MessageDigest md = MessageDigest.getInstance(algorithm);
byte[] hashBytes = md.digest(text.getBytes());
// Convert bytes to hex string
StringBuilder hexString = new StringBuilder();
for (byte b : hashBytes) {
String hex = Integer.toHexString(0xff & b);
if (hex.length() == 1) hexString.append('0');
hexString.append(hex);
}
return hexString.toString();
}
public static void main(String[] args) throws NoSuchAlgorithmException {
String text = "Hello World";
System.out.println("MD5: " + generateHash("MD5", text));
System.out.println("SHA-1: " + generateHash("SHA-1", text));
System.out.println("SHA-256: " + generateHash("SHA-256", text));
System.out.println("SHA-512: " + generateHash("SHA-512", text));
}
}
Hash vs Encryption
| Feature | Hash | Encryption |
|---|---|---|
| Reversibility | One-way (irreversible) | Two-way (reversible with key) |
| Purpose | Integrity verification, fingerprinting | Data confidentiality |
| Output Length | Fixed | Variable (depends on input) |
| Key Required | No | Yes |
| Speed | Very fast | Relatively slower |
| Use Cases | Passwords, checksums, digital signatures | Secure communication, data storage |
When to Use Hash
- ✅ Password storage (with salt)
- ✅ File integrity verification
- ✅ Digital signatures
- ✅ Data deduplication
- ✅ Cache keys
- ✅ Blockchain
When to Use Encryption
- ✅ Secure communication (HTTPS)
- ✅ File encryption
- ✅ Database encryption
- ✅ Email encryption
- ✅ VPN connections
Security Best Practices
Do's
- Use SHA-256 or higher: For any security-sensitive applications
- Add salt for passwords: Always use salt with password hashing
- Use specialized algorithms: Use bcrypt/Argon2 for passwords
- Verify file integrity: Use hashes to detect file tampering
- Keep hash functions updated: Stay informed about algorithm vulnerabilities
Don'ts
- Don't use MD5 for security: MD5 is cryptographically broken
- Don't use SHA-1 for new applications: SHA-1 is deprecated
- Don't hash passwords without salt: Plain hashing is vulnerable to rainbow table attacks
- Don't use hash for encryption: Hashes cannot be reversed
- Don't truncate hash values: Use complete hash for security
Rainbow Table Attacks
Rainbow tables are precomputed tables of hash values for common passwords. To defend against them:
// VULNERABLE: Plain hash
const hash = crypto.createHash('sha256').update('password123').digest('hex');
// Can be cracked using rainbow tables
// SECURE: Hash with salt
function hashWithSalt(password, salt) {
return crypto.createHash('sha256')
.update(password + salt)
.digest('hex');
}
const salt = crypto.randomBytes(16).toString('hex');
const secureHash = hashWithSalt('password123', salt);
// Rainbow tables won't work because of unique salt
FAQ
Q1. Can hashes be reversed?
A: No. Hash functions are one-way by design. You cannot reverse a hash to get the original data. This is a fundamental property that distinguishes hashing from encryption.
Q2. Why are MD5 and SHA-1 insecure?
A: Both algorithms have been proven vulnerable to collision attacks, where two different inputs produce the same hash. This breaks the fundamental security assumption of hash functions.
Q3. Which algorithm should I use?
A:
- General purpose: SHA-256
- High security: SHA-512
- Passwords: bcrypt, Argon2, or PBKDF2
- Legacy compatibility: Only if required, otherwise avoid MD5/SHA-1
Q4. What is a salt?
A: A salt is random data added to the input before hashing. It prevents rainbow table attacks and ensures identical passwords produce different hashes:
// Without salt
hash('password123') = always same hash
// With salt
hash('password123' + 'random_salt_1') = different hash
hash('password123' + 'random_salt_2') = different hash
Q5. How long does it take to crack a hash?
A: Depends on:
- Algorithm (MD5 is much faster to crack than SHA-512)
- Password complexity
- Available computing power
Example: With modern GPUs:
- MD5: Billions of hashes per second
- SHA-256: Millions of hashes per second
- bcrypt: Thousands of hashes per second (intentionally slow)
Q6. Can two different inputs have the same hash?
A: Theoretically yes (called a collision), but:
- For SHA-256: Probability is astronomically low (2^256 possibilities)
- For MD5/SHA-1: Collisions have been found (security risk)
- For practical purposes with SHA-256+: Consider it impossible
Related Tools
- UUID Generator: Generate unique identifiers
- Timestamp Converter: Convert Unix timestamps to dates
- JSON Formatter: Validate and format JSON data