Hash Generator
Generate MD5, SHA-1, SHA-256, and SHA-512 hashes instantly in your browser. No data leaves your device.
About This Tool
A cryptographic hash maps arbitrary input to a fixed-length output that's effectively unique to the input — changing one bit changes about half the output bits. MD5 produces 128-bit hashes (broken for cryptographic use, fine for checksums); SHA-1 (160-bit, deprecated for crypto); SHA-256 and SHA-512 (current standards, NIST-approved).
The generator computes all four in-browser using the SubtleCrypto API where available, with a JS fallback for MD5.
Cryptographic hash functions have three core properties: deterministic (same input always produces same output), pre-image resistant (given a hash, you can't compute the input that produced it), and collision resistant (you can't find two inputs that produce the same hash). The first two hold for all the hashes here; the third is broken for MD5 and SHA-1. MD5 (Ron Rivest, 1991) was the standard for years before collision attacks in 2004. SHA-1 (NIST, 1995) was deprecated for cryptographic use in 2017 after Google's SHAttered attack demonstrated practical collision generation. SHA-256 and SHA-512 (the SHA-2 family, NIST 2001) remain unbroken with no realistic attack path; SHA-3 (Keccak, 2015) is a different design intended as backup if SHA-2 ever falls. For password storage, none of these are appropriate — use Argon2id, scrypt, or bcrypt, which are deliberately slow.
A worked example: hashing the string "hello world". MD5: 5eb63bbbe01eeed093cb22bb8f5acdc3. SHA-1: 2aae6c35c94fcfb415dbe95f408b9ce91ee846ed. SHA-256: b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9. SHA-512: 309ecc489c12d6eb4cc40f50c902f2b4d0ed77ee511a7c7a9bcd3ca86d4cd86f989dd35bc5ff499670da34255b45b0cfd830e81f605dcf7dc5542e93ae9cd76f. Notice each algorithm produces consistent-length output regardless of input size; the avalanche effect is visible — "hello world" and "hello worlD" (changing one bit) produce completely different hashes. The hash is one-way: knowing the SHA-256 doesn't let you recover "hello world" without trying every possible input.
Limitations: cryptographic hashes target collision resistance and pre-image resistance. They're not appropriate for password storage (too fast — a GPU can compute billions per second), encryption (hashes are one-way; encryption needs to be reversible), or random number generation (use crypto.getRandomValues). The generator runs in the browser using the WebCrypto API; SHA-1 and SHA-2 are accelerated through native code, while MD5 falls back to JavaScript and is slower. For very large files (multi-GB), use a command-line tool — browser memory and processing limits make this impractical at scale.
The about text and FAQ on this page were drafted with AI assistance and reviewed by a member of the Coherence Daddy team before publishing. See our Content Policy for editorial standards.