Note: MD5 and SHA-1 are cryptographically broken — use SHA-256 or SHA-512 for security-sensitive purposes.
About this tool
A cryptographic hash function takes input of any size and produces a fixed-size output called a hash, digest, or checksum. The same input always produces the same hash (determinism), but even a single bit change to the input produces a completely different output (the avalanche effect). Hash functions are designed to be one-directional: computing the hash from input is fast, but finding any input that produces a given hash is computationally infeasible with a secure function.
The major hash algorithms differ in their output size and security status. MD5 produces 128 bits (32 hex characters) and was once universal but has been cryptographically broken since 2004 — practical collision attacks are possible. SHA-1 produces 160 bits and was deprecated by major certificate authorities in 2017 after a chosen-prefix collision was demonstrated in 2020. SHA-256 and SHA-512 (SHA-2 family) produce 256 and 512 bits respectively and are the current standard for security-critical applications. SHA-3 (Keccak) is the newest standard, offering a fundamentally different internal design as an insurance policy against future SHA-2 weaknesses.
File integrity verification is one of the most common practical uses of hashing. When you download software, the publisher provides the SHA-256 hash of the file. After downloading, you hash the file yourself and compare the result. If they match, the file arrived intact and unchanged. If they differ, the file was corrupted in transit or replaced with a different file. This is used by Linux distributions, security software vendors, and any organization distributing files where integrity matters.
Password storage using hashes requires more care than general-purpose hashing. Storing SHA-256(password) is not secure because an attacker who steals the database can precompute hashes for all common passwords (rainbow tables) and look up matches instantly. The correct approaches are: add a random per-user salt before hashing (SHA-256(salt + password)) to defeat precomputation, or use a deliberately slow password hashing function like bcrypt, scrypt, or Argon2. These are designed to be computationally expensive, making brute-force attacks slow even with fast hardware. Argon2id is the current recommendation.
Beyond integrity and passwords, hash functions are used in: Git (every commit, tree, and blob is identified by its SHA-1 hash, with ongoing migration to SHA-256), blockchain proof-of-work (Bitcoin requires that the SHA-256 hash of the block header starts with a certain number of zero bits), content-addressed storage (IPFS identifies files by their hash), digital signatures (signing a hash of the document rather than the full document), HMAC (Hash-based Message Authentication Code), and deduplication systems. Understanding hash functions is foundational to understanding most of modern cryptography.