Frequently asked questions
What is a hash function?
A hash function takes any input (text, file, data) and produces a fixed-length string called a hash or digest. The same input always produces the same hash, but you cannot reverse a hash back to the original input. Hash functions are used to verify data integrity, store passwords, and create digital signatures.
What is the difference between MD5, SHA-1, SHA-256, SHA-384, and SHA-512?
They differ in output size and security. MD5 produces 128-bit hashes, SHA-1 produces 160-bit, SHA-256 produces 256-bit, SHA-384 produces 384-bit, and SHA-512 produces 512-bit hashes. MD5 and SHA-1 are considered cryptographically broken and should not be used for security purposes — but they are still commonly used for checksums. SHA-256 and above are the current standard for secure applications.
Is MD5 still useful?
MD5 is no longer safe for passwords or digital signatures because collisions can be generated. However, it is still widely used for non-security purposes like verifying file downloads, database checksums, and cache keys — where speed matters more than collision resistance.
Can my data be seen when I use this tool?
No. All hashing happens entirely in your browser using the Web Crypto API (for SHA algorithms) and a pure JavaScript implementation (for MD5). Nothing is sent to any server — not the text, not the file, not the hash.
Can I hash a file with this tool?
Yes. Click the Upload File button or drag and drop a file onto the input area. The file contents will be read locally in your browser and hashed immediately. Only text files are supported — binary file hashing requires reading bytes directly, which this tool currently handles as text.
What is SHA-256 used for?
SHA-256 is used extensively in security applications: TLS/HTTPS certificates, Bitcoin and most cryptocurrencies, code signing, digital signatures, and password hashing (usually with a salt via PBKDF2 or bcrypt). It is the most widely deployed secure hash algorithm today.