Why is MD5 not recommended?

MD5 is considered cryptographically broken because researchers have found practical collision attacks — meaning two different inputs can produce the same MD5 hash. It should not be used for security purposes like password hashing or digital signatures.

What is a hash collision?

A hash collision occurs when two different inputs produce the same hash output. While theoretically possible for any hash function (since a fixed-length output cannot uniquely represent all possible inputs), a secure hash algorithm makes finding collisions computationally infeasible. MD5 and SHA-1 have known collision vulnerabilities.

Hash Generator - MD5, SHA-1, SHA-256, SHA-512 Online

How to Use the Hash Generator

Enter your text in the input area above. You can type or paste any text.
Click Generate Hashes to compute all supported hash algorithms simultaneously.
The results table shows SHA-1, SHA-256, SHA-384, and SHA-512 hashes.
Click the Copy button next to any hash value to copy it to your clipboard.

About Cryptographic Hashing

A cryptographic hash function takes an input of any size and produces a fixed-size output called a hash, digest, or checksum. Hash functions are one-way: given a hash, it is computationally infeasible to determine the original input. Even a single character change in the input produces a completely different hash, a property known as the avalanche effect.

Hash functions are fundamental to modern computing and security. They are used for verifying data integrity (checksums), digital signatures, password storage, blockchain technology, and deduplication. This tool uses the Web Crypto API built into your browser, which provides high-performance, standards-compliant implementations of SHA-1, SHA-256, SHA-384, and SHA-512. Note that MD5 is not available through the Web Crypto API as it is considered cryptographically broken and should not be used for security-sensitive applications.

Common Hashing Examples

These examples demonstrate when and how different hash algorithms are used in practice. Try pasting these inputs into the tool above to see the hash outputs.

File Integrity Verification

Software downloads often include SHA-256 checksums so you can verify the file was not corrupted or tampered with:

Expected SHA-256: e3b0c44298fc1c149afbf4c8996fb924
                  27ae41e4649b934ca495991b7852b855

$ sha256sum downloaded-file.zip
e3b0c44298fc1c149afbf4c8996fb924...  downloaded-file.zip

If hashes match, the file is authentic and intact.

API Request Signing

Many APIs use HMAC-SHA256 to sign requests for authentication:

String to sign: GET\n/api/users\n2026-02-17T10:30:00Z
Secret key:     my-api-secret-key
HMAC-SHA256:    a1b2c3d4e5f6... (used as Authorization header)

Git Commit Identifiers

Git uses SHA-1 hashes to identify every commit, tree, and blob:

commit 7fd1a60b01f91b314f59955a4e4d4e80d8edf11d
Author: Developer <[email protected]>
Date:   Mon Feb 17 2026 10:30:00

    Initial commit

Blockchain Proof of Work

Bitcoin mining involves finding SHA-256 hashes that start with a required number of zeros:

Input: block_header + nonce
SHA-256: 000000000019d6689c085ae165831e93...
         ^^^^^^ Must start with enough zeros to meet difficulty target

Hash Algorithm Comparison

This table compares the hash algorithms available in this tool, along with MD5 for reference. Choose the right algorithm based on your security needs and performance requirements.

Algorithm	Output Size	Hex Length	Security Level	Status
MD5	128 bits	32 chars	Broken	Do not use for security
SHA-1	160 bits	40 chars	Deprecated	Collision found (SHAttered)
SHA-256	256 bits	64 chars	Strong	Industry standard
SHA-384	384 bits	96 chars	Strong	Used in TLS/SSL
SHA-512	512 bits	128 chars	Very strong	Highest security in SHA-2 family

When to Use Each Algorithm

Use Case	Recommended Algorithm
File integrity checks	SHA-256
Digital signatures	SHA-256 or SHA-512
API request signing	HMAC-SHA256
Password storage	bcrypt, scrypt, or Argon2 (not plain SHA)
Data deduplication	SHA-256
Non-security checksums	CRC32 or MD5 (speed over security)

Understanding Cryptographic Hash Security

A cryptographic hash function must satisfy three key properties to be considered secure. First, preimage resistance: given a hash output, it should be computationally infeasible to find any input that produces that hash. This is what makes hashing a one-way function. Second, second preimage resistance: given an input and its hash, it should be infeasible to find a different input with the same hash. Third, collision resistance: it should be infeasible to find any two different inputs that produce the same hash.

SHA-256, part of the SHA-2 family designed by the NSA and published by NIST, satisfies all three properties and has withstood decades of cryptanalytic attacks. Its 256-bit output provides 2^128 security against collision attacks (due to the birthday paradox), which means an attacker would need to perform roughly 340 undecillion operations to find a collision. This is far beyond the capability of any current or foreseeable computing technology, including quantum computers for the collision case.

The reason MD5 and SHA-1 are considered broken is that researchers have demonstrated practical collision attacks against them. In 2017, the SHAttered attack produced two different PDF files with identical SHA-1 hashes using only 6,500 years of single-CPU computation. While preimage attacks against MD5 and SHA-1 remain impractical, the broken collision resistance means they should not be used for digital signatures, certificate verification, or any application where an attacker could craft colliding inputs.

Frequently Asked Questions

A cryptographic hash is a fixed-size string generated from input data using a mathematical algorithm. It acts as a digital fingerprint. Even a tiny change in the input produces a completely different hash. Hashes are one-way functions, meaning you cannot reverse them to get the original data.

SHA-1 produces a 160-bit (40 hex character) hash and is considered deprecated for security. SHA-256 produces a 256-bit (64 hex character) hash and is widely used for security. SHA-512 produces a 512-bit (128 hex character) hash and offers the highest security level among these algorithms.

MD5 is considered cryptographically broken because researchers have found practical collision attacks. The Web Crypto API does not support MD5 for security reasons. For integrity checks or security applications, use SHA-256 or SHA-512 instead.

Yes. All hash computation happens entirely in your browser using the Web Crypto API. No data is transmitted to any server. Your input text stays completely private on your device.

No. Cryptographic hash functions are one-way by design. There is no mathematical way to reverse a hash back to the original input. This property is what makes hashes useful for password storage and digital signatures.

A hash collision occurs when two different inputs produce the same hash output. While theoretically possible for any hash function, a secure algorithm makes finding collisions computationally infeasible. MD5 and SHA-1 have known collision vulnerabilities, which is why SHA-256 and SHA-512 are preferred.

Plain hashing alone is not recommended for passwords. Use a purpose-built password hashing function like bcrypt, scrypt, or Argon2 that includes salting and is intentionally slow. Standard hash functions like SHA-256 are too fast, making brute-force attacks feasible.

The avalanche effect means that a tiny change in the input (even a single bit) produces a drastically different hash output. This property ensures that similar inputs do not produce similar hashes, making it impossible to deduce anything about the input from the hash value.

SHA-256 is the most widely recommended algorithm for file integrity verification. It offers a strong balance of security and performance. SHA-512 provides even more security but produces longer hashes. Avoid MD5 and SHA-1 as they are vulnerable to collision attacks.

Hash Generator