Generate SHA-1, SHA-256, SHA-384 and SHA-512 hashes from any text instantly. Everything runs in your browser.
A hash function takes any input and produces a fixed-length output called a hash, digest, or checksum. The same input always produces the same output. Change even one character in the input and the output changes completely. This property is called the avalanche effect and it is what makes hash functions useful for verifying data integrity.
Hash functions are one-way. You cannot mathematically reverse a hash back to the original input. This is what makes them useful for storing passwords. Instead of storing the password itself, systems store its hash. When a user logs in, the system hashes the entered password and compares it to the stored hash. If they match, the password is correct. If the database is breached, attackers only get hashes which cannot be reversed to get the original passwords.
SHA-1 produces a 160-bit hash shown as a 40 character hex string. It was widely used for SSL certificates and file integrity checks but is no longer considered cryptographically secure. Collision attacks have been demonstrated against SHA-1 meaning two different inputs can produce the same hash. Do not use SHA-1 for security purposes. It is still acceptable for non-security checksums where speed matters more than cryptographic strength.
SHA-256 produces a 256-bit hash shown as a 64 character hex string. It is part of the SHA-2 family and is currently the most widely used cryptographic hash function. Bitcoin uses SHA-256 for its proof of work algorithm. Most TLS certificates use SHA-256. File integrity verification tools use SHA-256. It is considered secure against all known attacks and is the recommended choice for most applications.
SHA-384 produces a 384-bit hash shown as a 96 character hex string. It is a truncated version of SHA-512 and is used in some TLS cipher suites. It offers more security margin than SHA-256 with a modest performance cost. Most applications do not need SHA-384 specifically but it is a good choice when you need something stronger than SHA-256 but do not need the full SHA-512 output size.
SHA-512 produces a 512-bit hash shown as a 128 character hex string. It offers the largest security margin of the SHA-2 family and is used when maximum cryptographic strength is needed. On 64-bit systems SHA-512 is often faster than SHA-256 because it uses 64-bit operations internally. Use SHA-512 for high security applications like signing critical documents or generating key derivation inputs.
Hash functions and encryption are often confused but they are fundamentally different. Encryption is a two-way process — data is encrypted with a key and can be decrypted back to the original with the right key. Hashing is one-way — the hash cannot be reversed to the original input. Use encryption when you need to recover the original data. Use hashing when you only need to verify that data has not changed.
No. Hash functions are mathematically one-way. There is no algorithm that can reverse a hash to the original input. Rainbow table attacks can crack weak or common passwords by pre-computing hashes for millions of common inputs but a strong unique password cannot be reversed this way.
None of the hash functions on this page. For passwords you should use a dedicated password hashing algorithm like bcrypt, Argon2, or PBKDF2. These are specifically designed to be slow which makes brute force attacks impractical. SHA-256 and SHA-512 are too fast for password hashing — an attacker can try billions of guesses per second.
A collision is when two different inputs produce the same hash output. Because hash functions map an infinite set of inputs to a fixed-length output, collisions are mathematically inevitable. The goal of a cryptographic hash function is to make collisions computationally infeasible to find. SHA-256 and SHA-512 have no known practical collision attacks.
Yes. Everything runs in your browser using the Web Crypto API. Your text is never sent to any server and is not stored anywhere.
Hash functions are deterministic — given the same input they always produce the same output. This is what makes them useful for verification. If you hash a file and get a certain value, anyone else hashing the same file should get the exact same value. If even one bit is different the hash will be completely different.